After upgrading the Platform Services Controller Appliance 6.0 to Update 1, you are unable to access the HTTPS splash page
book
Article ID: 315325
calendar_today
Updated On:
Products
VMware vCenter Server
Issue/Introduction
Symptoms: After upgrading the Platform Services Controller (PSC) Appliance 6.0 to Update 1 you experience these symptoms:
You are no longer redirected from https://FQDN_of_Platform_Services_Controller ( PSC's HTTPS splash page) to https://FQDN_of_Platform_Services_Controller/WebSSO.
You see the error:
503 Service Unavailable (Failed to connect to endpoint: [N7Vmacore4Http20NamedPipeServiceSpecE:0x7f19400b7f50] _serverNamespace = / _isRedirect = false _pipeName =/var/run/vmware/vpxd-webserver-pipe)
In the /var/log/vmware/rhttpproxy/rhttpproxy.log file, you see the loopback address is not being loaded for the vmidentity.conf:
YYYY-MM-DDT14:13:37.150Z info rhttpproxy[7F194BA84780] [Originator@6876 sub=Default] Processing file: /etc/vmware-rhttpproxy/endpoints.conf.d/vmidentity.conf YYYY-MM-DDT14:13:37.194Z info rhttpproxy[7F194BA84780] [Originator@6876 sub=Default] New/Updated endpoint added: /sso-adminserver/idp YYYY-MM-DDT14:13:37.194Z info rhttpproxy[7F194BA84780] [Originator@6876 sub=Default] New/Updated endpoint added: /sso-adminserver/sdk YYYY-MM-DDT14:13:37.194Z info rhttpproxy[7F194BA84780] [Originator@6876 sub=Default] New/Updated endpoint added: /sts/STSService YYYY-MM-DDT14:13:37.194Z info rhttpproxy[7F194BA84780] [Originator@6876 sub=Default] New/Updated endpoint added: /websso YYYY-MM-DDT14:13:37.194Z info rhttpproxy[7F194BA84780] [Originator@6876 sub=Default] New/Updated endpoint added: /lookupservice/sdk YYYY-MM-DDT14:13:37.194Z info rhttpproxy[7F194BA84780] [Originator@6876 sub=Default] New/Updated endpoint added: /lookupservice/mob YYYY-MM-DDT14:13:37.194Z info rhttpproxy[7F194BA84780] [Originator@6876 sub=Default] New/Updated endpoint added: /lookupservice
Note: This this log is missing the New/Update endpoint added line:
YYYY-MM-DDT13:35:19.053Z info rhttpproxy[7F9143B43780] [Originator@6876 sub=Default] New/Updated endpoint added: /
In the /etc/vmware-rhttpproxy/endpoints.conf.d file, you see these entries:
# VMidentity (SSO) endpoint configuration file for reverse proxy # Endpoint Connection-type Endpoint-address HTTP-access-Mode HTTPS-access-mode /sso-adminserver/idp local 7080 reject allow /sso-adminserver/sdk local 7080 reject allow /sts/STSService local 7080 reject allow /websso local 7080 redirect allow /lookupservice/sdk local 7080 reject allow /lookupservice/mob local 7080 reject allow /lookupservice local 7080 reject allow
Note: This configuration file is missing the redirect: / local 7080 redirect allow
Note: The preceding log excerpts are only examples. Date, time, and environmental variables may vary depending on your environment.
Environment
VMware vCenter Server Appliance 6.0.x
Resolution
This issue is resolved in VMware vCenter Server Appliance 6.0 Update 2, available at VMware Downloads.
To work around this issue without upgrading, manually add the redirect entry to the vmidentity.conf file:
Connect to the Platform Service Controller Appliance using the SSH or console.
Run this command to enable access to the Bash shell:
shell.set --enabled true
Type shell and press Enter.
Backup the current vmidentity.conf file using this command: