-
Title
Problem connecting to VM server through VCenter. -
Description
Getting error below when trying to connect VMware Vcenter after Windows servers were patched. Severity Alarm Raised Message Snoozed By Snoozed Until
High Monitored Server - VMware Connection Failure 4/22/2013 3:32:40 PM Cannot connect to VMware server 'VCDELL.vm.com' :The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.
-
Resolution
Microsoft released an update that requires certificates to be 1024-bit encrypted, and by default, certificates on the vCenter servers are 512-bit encrypted:
http://support.microsoft.com/kb/2661254
Base on above article, the certificates can be re-created on the vCenter server with 1024 bits, you can add a reg hack to the Spotlight diagnostic server that will allow the current 512-bit encrypted certificates to work. If the diagnostic server is running Windows 2008, you can create the reg hack by starting a command prompt with elevated privileges (run as administrator), and then run the following command:
certutil -setreg chain\minRSAPubKeyBitLength 512
Reboot the server.
Note: IE still cannot not load the vCenter server, so that's not a valid test of success.