Error:"Cannot Connect to the vCenter Server due to a Certificate Error"
Article ID: CTX138640
Updated On:
Description
When adding a host connection to a vmware server the following error message is displayed:
"Cannot connect to the vCenter server due to a certificate error. Make sure that the appropriate certificates are installed on the VCenter server, and install appropriate certificates on every controller in the site.If we run a test connection on Hosting Unit, In report we get error " Check that the appropriate certificates are installed on the Vcenter server and on the same machine as all instances of the host server."
Resolution
Solution 1:
Add C:\ProgramData\VMware\VMware VirtualCenter\SSL\rui.crt as importing the cert from the browser does not resolve the issue.
Solution 2 : ( VMware ESXi 6.0.x)
Please follow instructions under "Method 2: Update the XenDesktop database with the thumbprint of the new certificate" of CTX224551- XenDesktop Cannot Contact vCenter Server After Changing Certs
2. vCenter certificate is issued to localhost.domain instead of DNS name of vCenter server.
Add C:\ProgramData\VMware\VMware VirtualCenter\SSL\rui.crt as importing the cert from the browser does not resolve the issue.
Solution 2 : ( VMware ESXi 6.0.x)
- From a client system Web browser, go to the URL of the vCenter Server system or the vCenter Server Virtual Appliance.
- Click the Download trusted root CA certificates link at the bottom of the grey box on the right and download the file.
- Change the extension of the file to .zip.
The file is a ZIP file of all root certificates and all CRLs in the VMware Endpoint Certificate Store (VECS). - Extract the contents of the ZIP file.
The result is a .certs folder that contains two types of files. Files with a number as the extension (.0, .1, and so on) are root certificates. Files with an extension that starts with an r (.r0,. r1, and so on) are CRL files associated with a certificate. - Install the certificate files as trusted certificates by following the process that is appropriate for your operating system.
For most Microsoft Windows systems, you can follow the instructions at https://technet.microsoft.com/en-us/library/cc754841.aspx
Please follow instructions under "Method 2: Update the XenDesktop database with the thumbprint of the new certificate" of CTX224551- XenDesktop Cannot Contact vCenter Server After Changing Certs
Problem Cause
1. Delivery controller doesn't trusts the Hypervisor's root certificates2. vCenter certificate is issued to localhost.domain instead of DNS name of vCenter server.
Issue/Introduction
When adding a host connection to a vmware server we get the error message "Cannot connect to the vCenter server due to a certificate error.
per a comment in http://blogs.citrix.com/2013/12/18/using-the-default-vmware-vcenter-server-certificate-in-xendesktop-pocs/ I had to add C:\ProgramData\VMware\VMware VirtualCenter\SSL\rui.crt
Additional Information
Was this article helpful?
Yes
No
Powered by
