Unable to access Virtual Container Host (VCH) on port 2378
search cancel

Unable to access Virtual Container Host (VCH) on port 2378

book

Article ID: 317008

calendar_today

Updated On:

Products

VMware vSphere ESXi

Issue/Introduction

Symptoms:
  • After replacing the vCenter Server certificate, the VCHs running on that vCenter Server instance will no longer function.
  • You are unable to access the VCH on https://VCHaddress:2378 and see a message similar to the following:
ERROR: Failed to connect to xxx.xxx.xxx: Post https://vCenterServer/sdk: Host "vCenterServer:443" thumbprint does not match "30:47:03:1B:51:17:99:2D:57:52:A5:C6:52:C5:EE:64:7D:0E:02:8D"


Environment

VMware vSphere Integrated Containers 1.x

Resolution

  • Obtain the latest thumbprint value for the vCenter Server certificate (you can use SSH and OpenSSL to obtain the certificate thumbprint for a vCenter Server Appliance instance)

openssl x509 -in /etc/vmware-vpx/ssl/rui.crt -fingerprint -sha1 -noout

  • Once you have the thumbprint copied then provide the new certificate thumbprint to the VCH with the --thumbprint option.

vic-machine-operating_system configure --target vcenter_server_address --user [email protected] --password "password" --id "vch_id" --thumbprint "new_certificate_thumbprint"

 

Note: You can obtain the VCH ID by running the previous command and replacing "configure" with "inspect".


Additional Information

https://vmware.github.io/vic-product/assets/files/html/1.5/vic_vsphere_admin/configure_vch.html

Powered by Wolken Software