Connecting to vCenter Server/ESXi 5.0 Update 3, 5.1 Update 2, and 5.5 from any source using HTTP is no longer supported
Article ID: 308842
Updated On:
Products
VMware vCenter Server
Issue/Introduction
Symptoms:
When connecting to vCenter Server/ESXi 5.0 Update 3, 5.1 Update 2, and 5.5 from any source, you see these symptoms:
When connecting to vCenter Server/ESXi 5.0 Update 3, 5.1 Update 2, and 5.5 from any source, you see these symptoms:
- Connecting to vCenter Server or an ESXi host using HTTPS is successful but HTTP connections fail
- You see an error in the vSphere Client similar to:
The vSphere Client has lost the connection to the "vCenterServer" server. Do you want to return to the login dialog. - When attempting to open an HTTP connection using the VMware Web Services (WS) SDK, you see an error similar to:
ERROR: failed to connect: HTTP transport error: java.net.ConnectException:
Connection timed out: connect : Connection timed out: connect - The vSphere Client log shows an error similar to:
OnServiceEvent ConnectionLost for http://vCenterServer/sdk : Failed to initialize inventory topology due to the following error:
[:Error :P:23] 2014-02-04 09:15:39.438
VirtualInfrastructure.Exceptions.SilentException:
Inner Exception - VirtualInfrastructure.Exceptions.ConnectionError:
Connection has been manually closed.
Environment
VMware vCenter Server 5.0.x
VMware vCenter Server 5.5.x
VMware vCenter Server 5.1.x
VMware vCenter Server 5.5.x
VMware vCenter Server 5.1.x
Cause
This issue is caused by a design change for security reasons. In newer versions of vCenter Server and ESXi (5.0 Update 3 , 5.1 Update 2, and 5.5 and later), non-secure HTTP connections are not allowed.
This change was triggered due to the behavior of some remote desktop solutions, such as the Citrix XenDesktop client. When these applications connect to vCenter Server or ESXi, they may use HTTP, which bypasses cookie protection, and this can lead to sensitive authentication information being transmitted in plain text.
On older versions of vCenter Server and ESXi (5.0 Update 2, 5.1 Update 1 and earlier):
This change was triggered due to the behavior of some remote desktop solutions, such as the Citrix XenDesktop client. When these applications connect to vCenter Server or ESXi, they may use HTTP, which bypasses cookie protection, and this can lead to sensitive authentication information being transmitted in plain text.
On older versions of vCenter Server and ESXi (5.0 Update 2, 5.1 Update 1 and earlier):
- Connecting to vCenter Server and ESXi using HTTPS works, and the default SSL certificate installed with vCenter Server must be imported to the client machine.
- Connecting to vCenter Server and ESXi using HTTP also works, but an entry in the
proxy.xmlfile is required on vCenter Server and on the ESXi host.
Resolution
This is expected behavior. To connect to the listed versions of ESXi or vCenter Server, you must use the HTTPS protocol.
Notes:
Notes:
- In vCenter Server/ESXi 5.0 Update 3, 5.1 Update 2, and 5.5, HTTPS is the only supported protocol.
- To use HTTPS, SSL certificates must be imported to the remote machine from the vCenter Server/ESXi host.
Additional Information
For more information on vSphere Client log file locations, see vSphere Client System Logs in the VMware vSphere 5.5 Documentation Center.
HTTPを利用してvCenter Server/ESXi 5.0 Update 3、5.1 Update 2、5.5 への接続がサポートされなくなりました
HTTPを利用してvCenter Server/ESXi 5.0 Update 3、5.1 Update 2、5.5 への接続がサポートされなくなりました
Feedback
Yes
No
Powered by
