The browser prompts for a client certificate when accessing the UI in a Cloud Director Availability 4.x Cloud Site
search cancel

The browser prompts for a client certificate when accessing the UI in a Cloud Director Availability 4.x Cloud Site

book

Article ID: 315040

calendar_today

Updated On:

Products

VMware Cloud Director

Issue/Introduction

Symptoms:
  • When accessing the Cloud Director Availability via the Provider/Tenant Portal or the Cloud Director plug-in, the browser prompts you to select a client certificate.
  • This issue occurs when the client browser is configured with one or more client certificates.
  • This issue occurs when the Cloud Director Availability Portal is accessed via the IP address directly or via an alternate FQDN.


Environment

VMware Cloud Director Availability 4.x

Cause

This issue occurs because connections to the Cloud Director Availability Portal are directed to an alternate port on the Cloud Replication Management Appliance when the address used does not match the public service endpoint configured for the site. The alternate port is configured to request the client certificate, which will cause the browser to initiate a request for a client certificate from the user, if one or more are configured.

Resolution

To resolve this issue access the Cloud Director Availability Portal using the Public Service Endpoint address set during the configuration of the cloud site. For more information, see the Configure the Cloud Service in the Cloud Director site section of the Cloud Director Availability documentation.


Workaround:
To work around this issue, use a browser that does not have a client certificate configured if the Public Service Endpoint address cannot be used to access the Cloud Director Availability Portal.

Additional Information

The Public Service Endpoint address is case sensitive. Since the browser will typically access the URL for the Cloud Director Availability Portal using an address in all lower casing, this address will not match Public Service Endpoint address if it is configured with upper or mixed casing. To avoid this situation, configure the Public Service Endpoint address to only include lower casing.

Impact/Risks:

 

 


Powered by Wolken Software