This issue occurs if the self-signed certificate of the vCenter Server is not trusted or the FQDN or shortname of the vCenter Server changed after the initial installation.
To resolve this issue, you must create a self-signed certificate for your vCenter Server.
To create a self-signed certificate:
-
-
Create a folder named openssl in C:\
-
Open command prompt and navigate to C:\Program Files\GnuWin32\bin.
Note: You may need to run the command prompt as administrator in order for the below commands to work.
-
Run these commands to create the SSL certificates:
openssl genrsa 1024 > c:\openssl\rui.key
openssl req -new -key c:\openssl\rui.key > c:\openssl\rui.csr -config "C:\Program Files\GnuWin32\share\openssl.cnf"
Note: Provide necessary information about the certificate, such as country, organization, name, and email ID and provide the FQDN or Netbios name in the Common Name field of the vCenter Server. You do not have to specify a passkey in this step.
openssl x509 -req -days 730 -in c:\openssl\rui.csr -signkey c:\openssl\rui.key -out c:\openssl\rui.crt
openssl pkcs12 -export -in c:\openssl\rui.crt -inkey c:\openssl\rui.key -passout pass:testpassword -out c:\openssl\rui.pfx
-
To replace the certificates on vCenter Server:
-
Copy the existing rui.key, rui.crt, and rui.pfx files from C:\Documents and Settings\All Users\Application Data\VMware\VMware VirtualCenter\SSL\ to a backup folder.
-
Copy the custom rui.key, rui.crt, and rui.pfx files to C:\Documents and Settings\All Users\Application Data\VMware\VMware VirtualCenter\SSL\.
Note: In Windows Server 2008, copy the files to C:\ProgramData\VMware\VMware VirtualCenter\SSL\.
-
-
To reset your database password, browse to the root directory of your vCenter Server installation, and run the command:
vpxd.exe –p
When prompted for your new password, enter your existing database password. When prompted to confirm your password, reenter the password.
-
-
To install the certificate into the trusted root CAs on the vCenter Server:
-
Double-click the rui.crt file located at C:\Documents and Settings\All Users\Application Data\VMware\VMware VirtualCenter\SSL\.
-
Click Install Certificate and click Next and Next.
-
Select Place all certificates in the following store.
-
Select the Trusted Root Certification Authorities certificate store.
-
Click OK, Next, Finish, and Yes.
-
Log in to vCenter Server using your new certificate.
-
If your ESX hosts are showing as disconnected, right-click on the host, follow the prompts, and connect the host using the root credentials.