Solved

vmware a secure connection to the host could not be established

Posted on 2011-09-26
25
2,820 Views
Last Modified: 2012-05-12
Hello

I have just recreated certificate for ESXi4.1 server
I try to connect to the vCenter Server using:

1. localhost:443 -> dosen't connect I get error "... The Server closed the connection"

2. localhost -> dosen't connect I get error "... The Server closed the connection"

3. localhost:80 -> it connect but sayes "The server you are onnecting is not encrypting its network traffic. A Third-part could eavesdrop on this connection. Do you still wish to continue?"
if I press [YES]
I do get connected but when tring to open any VM using Open Console the console open with black screen and after same time I get the message
" a secure connection to the host could not be established"

So I can access My VM's please advise what sould I do to currect it

Thanks
0
Comment
Question by:DoronAviad
  • 13
  • 12
25 Comments
 
LVL 117

Expert Comment

by:Andrew Hancock (VMware vExpert / EE MVE)
Comment Utility
how did you re-create the certificate?
0
 
LVL 117

Expert Comment

by:Andrew Hancock (VMware vExpert / EE MVE)
Comment Utility
I'm a little confused here, are you connecting to vCenter or direct to the ESXi 4.1 server?
0
 

Author Comment

by:DoronAviad
Comment Utility
hanccocka
I recreated the Certificate by using Reset System Configuration

I'm Connecting to the vCenter (Installed on Windows7 64Bit) that is running on my computer
so that's way I use localhost

0
 
LVL 117

Expert Comment

by:Andrew Hancock (VMware vExpert / EE MVE)
Comment Utility
So you cannot connect to the vCenter Server?

So this has nothing to do with renaming and Resetting Configuration on ESXi server?
0
 

Author Comment

by:DoronAviad
Comment Utility
I cannot connect to the vCenter Securly,
But I can Connect using port 80, then from vCenter Console if I try to open a VM using the Open Console I get the error a secure connection to the host could not be established

you are probebly right "this has nothing to do with renaming and Resetting Configuration on ESXi server", I thlout that after recreting the Certificate the problem will go away
0
 
LVL 117

Expert Comment

by:Andrew Hancock (VMware vExpert / EE MVE)
Comment Utility
Okay, so this error was occuring, and then you thought you would re-create the certificate?

Have you always had this error with vCenter?

When you use the vSphere GUI, can you connect to the IP Address of your Windows 7 64 bit computer and note 127.0.0.1.

also disable firewalls.
0
 

Author Comment

by:DoronAviad
Comment Utility
Yes

Not always, it started after some time

How do I check it ?, How can I Ping from the GUI ?

I will disable firewalls
0
 
LVL 117

Expert Comment

by:Andrew Hancock (VMware vExpert / EE MVE)
Comment Utility
If you start the vSphere GUI

1. can you connect by IP address to the ESXi 4.1 server?

2. can you connect by IP address (not 127.0.0.1) to the vCenter Server?
0
 

Author Comment

by:DoronAviad
Comment Utility
1. When connecting to the ESXi IP address I get security warnings:
An untrusted SSL certificate is installed on "192.168.0.150" and secure communication cannot be
guaranteed. Depending on your security policy, this issue might nor represent a securitu concern
Yau may need to install a trusted SSL certificate on your server to prevent this warning from appearing.
The certificate received from "192.168.0.150" was issued from "localhost.localdomain". Secure
communication with "192.168.0.150" cannor be guaranteed. Ensure the fully-qualified
domain name on the certificate matches the address of the server you are trying to connect to

if I ignore this message I do connect to the vSphere Client, and I can open VM's by right click and use "Open Console" I do get console window working without the Black screen I got before
But in this way off connection I don't have all the Vcenter Addons working

2. When tring to connect to the vCenter Server by IP address I get this Error:
vSphere Client could not connect to "192.168.0.15"
A communication error occured while sending data to the server
(the underlying connection was closed: An unexpected error occurred on a send)
0
 
LVL 117

Expert Comment

by:Andrew Hancock (VMware vExpert / EE MVE)
Comment Utility
1. vCenter addons only work when connected to vCenter. Okay so it seems you have good (normal) communications between PC and ESXi using vSphere GUI client.

2. Okay vCenter Server issue.

Try restarting vCenter Services.

Check Computer Event logs.

Check vCenter Server logs

You may need to run vCenter in standalone mode.

0
 

Author Comment

by:DoronAviad
Comment Utility
I cannot connect to the vCenter Server using Localhost directly I have to use
localhost:80
Then I get this worning message

The server you are connecting to is not encrypting its network traffic. A third-party
could eavesdrop on this connection. Do you still wish to continou?

if I answer "YES" i do Get Connected but when
Open Console I get the error a secure connection to the host could not be established


When trying to connect to the vCenter Server By IP and Port 80 "192.168.0.15:80"
I get the same message above as I got when connecting to localhost:80
0
 
LVL 117

Expert Comment

by:Andrew Hancock (VMware vExpert / EE MVE)
Comment Utility
Let me ask you two questions?

1. Are you using the vSphere GUI to connect to the vcenter server?

2. what do you type in the IP Address/Name?
0
Complete Microsoft Windows PC® & Mac Backup

Backup and recovery solutions to protect all your PCs & Mac– on-premises or in remote locations. Acronis backs up entire PC or Mac with patented reliable disk imaging technology and you will be able to restore workstations to a new, dissimilar hardware in minutes.

 

Author Comment

by:DoronAviad
Comment Utility
1. I am using vmware vSphere Client
2. by name I use: localhost:80
0
 
LVL 117

Expert Comment

by:Andrew Hancock (VMware vExpert / EE MVE)
Comment Utility
in the name there is no need to use 80.

Just input the IP address of the computer that has vCenter service installed on it.

do not use localhost or the hostname, either user DNS, or create an entry in your hosts file.
0
 
LVL 117

Expert Comment

by:Andrew Hancock (VMware vExpert / EE MVE)
Comment Utility
I meant, do not use localhost, use the IP address, or create a hostname, fqdn in the hosts file.

can you connect correctly?
0
 

Author Comment

by:DoronAviad
Comment Utility
The computer that has the vCenter services is my desktop computer that I working on (windows7 64bit)
If I use only localhost ot the IP address of my computer 192.168.0.15
I get error and cannot connect to the vCenter
If I add :80 to the name or the IP I can logon to the vCenter

you also asked me to restart the service and check the log files:
I see in the log files 4 events  Event ID 1000 like this one:

The description for Event ID 1000 from source VMware VirtualCenter Server cannot be found. Either the component that raises this event is not installed on your local computer or the installation is corrupted. You can install or repair the component on the local computer.

If the event originated on another computer, the display information had to be saved with the event.

The following information was included with the event:

Log directory: C:\Windows\system32\config\systemprofile\AppData\Local\VMwarevpx.

the message resource is present but the message is not found in the string/message table



in the vCenter Itself when I added the ESXi Host I tried with the ESXi IP address 192.168.0.150 and with the ESXi hostname  ESXi.mygroup.local  and each option workes OK
0
 
LVL 117

Expert Comment

by:Andrew Hancock (VMware vExpert / EE MVE)
Comment Utility
okay, so normally if you just use the IP address of 192.168.0.15 in the vSphere GUI you cannot connect?

and would you like to be able to connect if you just use the IP address which is normal?
0
 

Author Comment

by:DoronAviad
Comment Utility
Yes

Yes

0
 
LVL 117

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE) earned 500 total points
Comment Utility
Okay, I think the quickest way of resolving this issue is to Uninstall vCenter, and Re-install using the existing SQL database.
0
 

Author Comment

by:DoronAviad
Comment Utility
I have unistalled vCenter Server

When reinstalling I get this error

The Following port number are either invalid or already in use

VMWare VirtualCenter HTTPS Port:443
0
 
LVL 117

Expert Comment

by:Andrew Hancock (VMware vExpert / EE MVE)
Comment Utility
check the services, is this service running?

this could be the issue, the service is hung or not responding?
0
 

Author Comment

by:DoronAviad
Comment Utility
The service is not running because I have uniinstalled vCenter

Now when I install it again I get the Config Port Screen
Where Port 443 is the HTTPS Port

but when pressing Next I get Error message
The Following port number are either invalid or already in use

VMWare VirtualCenter HTTPS Port:443
0
 

Author Comment

by:DoronAviad
Comment Utility
I found the Problem with Port 443

The Service WinHTTP Web Proxy Auto-Discovery Service was using this port I stoped it and now the installation is running
0
 

Author Closing Comment

by:DoronAviad
Comment Utility
habccocka

Thank you for you great help

Now everything is working

Thanks again
0
 
LVL 117

Expert Comment

by:Andrew Hancock (VMware vExpert / EE MVE)
Comment Utility
very good. glad its all working how it should.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

It Is not possible to enable LLDP in vSwitch(at least is not supported by VMware), so in this article we will enable this, and also go trough how to enabled CDP and how to get this information in vSwitches and also in vDS.
When we have a dead host and we lose all connections to the ESXi, and we need to find a way to move all VMs from that dead ESXi host.
Teach the user how to rename, unmount, delete and upgrade VMFS datastores. Open vSphere Web Client: Rename VMFS and NFS datastores: Upgrade VMFS-3 volume to VMFS-5: Unmount VMFS datastore: Delete a VMFS datastore:
Teach the user how to configure vSphere Replication and how to protect and recover VMs Open vSphere Web Client: Verify vsphere Replication is enabled: Enable vSphere Replication for a virtual machine: Verify replicated VM is created: Recover replica…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now