This is a known issue affecting VMware vSphere Integrated Containers 1.2.
Currently, there is no resolution.
For more information, see
vCenter redirects to Admiral IP rather than hostname after login.
Workaround:
When the appliance uses the IP address instead of the FQDN the HTTP redirect appear to be an un-trusted certificate. To validate this and ensure we are looking at the correct address, we can get the certificate thumbprint details from the web browser.
To workaround this issue, manually verify fingerprint that the cert presented in the browser and the certificate that is being presented from the VIC Appliance.
To find the fingerprint from vic appliance:
- Use SSH connect to the vSphere Integrated Containers appliance as
root
user.
$ ssh root@vic_appliance_address/FQDN
- Use the embedded
openssl
to view the certificate fingerprint of the VIC Appliance (management portal):
- The management portal certificate authenticates access to the vSphere Integrated Containers Management Portal.
- openssl x509 -in /data/admiral/cert/server.crt -noout -sha1 -fingerprint