Can't connect vCenter Server?

Is the vCenter Service started?

Any events in the Event logs on the Server?

Yes, the VirtualCenter Server service is started. The Web Client service is not since it always immediately exists when I try to start it.

No events in the Event logs as far as VMWare is concerned.

I've found something in imsTrace.log though:

2013-03-29 14:19:38,985, [IMS Timer Service Thread-1], (FailoverContextFactoryImpl.java:154), trace.com.rsa.ims.connectionpool.manager.impl.FailoverContextFactoryImpl, DEBUG, SERV-VSPHERE.hisnat.local,,,,Testing primary connection for pool slot-0-group
2013-03-29 14:19:39,016, [IMS Timer Service Thread-1], (FailoverContextFactoryImpl.java:164), trace.com.rsa.ims.connectionpool.manager.impl.FailoverContextFactoryImpl, DEBUG, SERV-VSPHERE.hisnat.local,,,,Primary connection for pool slot-0-group still down

and this:

Execution Exception: com.rsa.common.ConnectionException: Error connecting to the identity source
      Caused by: javax.naming.NamingException: getInitialContext failed. javax.resource.spi.ResourceAdapterInternalException: Unable to create a managed connection 'ldaps://SERV-DC1.hisnat.local:3269' with 'GSSAPI' Reason: javax.resource.spi.ResourceAdapterInternalException: Unable to create managed connection SASL bind failed: SERV-DC1.hisnat.local:3269 [Root exception is javax.resource.spi.ResourceAdapterInternalException: Unable to create a managed connection 'ldaps://SERV-DC1.hisnat.local:3269' with 'GSSAPI' Reason: javax.resource.spi.ResourceAdapterInternalException: Unable to create managed connection SASL bind failed: SERV-DC1.hisnat.local:3269]

You mean you cannot access vCenter using either vSphere client and web client remotely?

1) I'm assuming you are running vCenter on Windows correct? If so, what version of vCenter are you running?

2) Have any changed been made on the vCenter server or DB server recently?

3) Have you made any changes to your AD environment?

4) Have you read this article yet? http://communities.vmware.com/thread/431783

1. Yes, vCenter 5.1 on Windows 2008.
2. No. I had just upgraded it from 5.0 to 5.1 some weeks ago. But it had worked afterwards.
3. No
4. Yes but I've not demoted any DC

Does your VCenter 5.1 DB resides on a seperate server? If so, has any thing changed over the past couple of day? For example, any DB restores?

Have you verified that all vcenter DB tables contain the correct information?

The DB is on the same server. No changes. No restores.

How would I verify that all DBs contain the correct information ... ?

Did you look at the log extracts I posted?

Thank you

Yes, I did see the logs extract you posted.

In your SQL server in your SSO DB did you check the table referenced in the link I posted to see if it does contact the correct DC information.

Is the time on your vCenter correct. If you have the Windows 2008 Remote Admin Tools installed. Run the command klist purse from a command prompt to purge your kerbose cache them reboot.

Ok, seems I have identified the problem: the certificate (for client authentication etc) on my DC has expired ... but I can't just renew it!?

When I try to do that I get: Domain Controller - status: unavailable on the 'request certificates' page of the Certificate Enrollment Wizard ...

Guess I have to figure out that problem now then.

Interesting, are there any errors in the event logs on your DC? Is so, please post them and I will try to help you through this.

hm, seems like the CA's certificate expired too ... but why would it? why wouldn't it alert me beforehand? and how do I renew it ... ?

when I try to renew it (with the same key or a new key) I get this error 'you do not have permission to request a certificate based on the selected certificate temple' although I'm the domain admin?

thanks for any help!

The problem was that the certificate of the CA had expired!