高可用性 Platform Service Controller 環境で VMware vSphere Web Client 6.0 が次のエラーで失敗する:vCenter Single Sign-On サーバへの認証要求の送信中にエラーが発生しました(An error occurred while sending an authentication request to the vCenter Single Sign-On server)
search cancel

高可用性 Platform Service Controller 環境で VMware vSphere Web Client 6.0 が次のエラーで失敗する:vCenter Single Sign-On サーバへの認証要求の送信中にエラーが発生しました(An error occurred while sending an authentication request to the vCenter Single Sign-On server)

book

Article ID: 341804

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

  • vSphere Web Client にログインすると、次のようなエラーが表示される。

    A server error occurred.

    [400] An error occurred while sending an authentication request to the vCenter Single Sign-On server - An error occurred when processing the metadata during vCenter Single Sign-On setup - Unable to initialize, java.io.IOException: extra data given to DerValue constructor.

    Check the vSphere Web Client server logs for details.

  • vsphere_client_virgo.log ファイルに次のようなエントリが表示される。

    [<YYYY-MM-DD>T<time>] [ERROR] http-bio-9090-exec-5o.a.c.c.C.[.[localhost].[/ds].[healthStatusRequestHandler] Servlet.service() for servlet [healthStatusRequestHandler] in context with path [/ds] threw exception [com.vmware.cis.data.service.exception.ServiceInitializationException: CIS DS service failed to retrieve the SSO trusted certificates.Please, check the log and see if the SsoService has initialized successfully and whether it crashed while fetching the certificates.] with root cause com.vmware.cis.data.service.exception.ServiceInitializationException: CIS DS service failed to retrieve the SSO trusted certificates.Please, check the log and see if the SsoService has initialized successfully and whether it crashed while fetching the certificates.

    at com.vmware.cis.data.service.session.StsCertManagerImpl.downloadStsCertificates(StsCertManagerImpl.java:79)
    at com.vmware.cis.data.service.session.StsCertManagerImpl.getStsCertificates(StsCertManagerImpl.java:46)
    at com.vmware.cis.services.common.sso.SsoOverRestVerifierUtil.verifySecurityHeader(SsoOverRestVerifierUtil.java:143)
    at com.vmware.cis.cm.common.endpoint.ServletHelper.getVerifiedInputStream(ServletHelper.java:267)
    at com.vmware.cis.cm.common.endpoint.ServletHelper.requestPrologue(ServletHelper.java:180)
    at com.vmware.cis.cm.common.endpoint.HealthStatusServlet.doGet(HealthStatusServlet.java:105)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:735)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
    at com.vmware.cis.data.service.health.DsHealthStatusRequestHandler.handleRequest(DsHealthStatusRequestHandler.java:58)
    at org.springframework.web.context.support.HttpRequestHandlerServlet.service(HttpRequestHandlerServlet.java:67)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
    at org.eclipse.virgo.web.tomcat.support.ApplicationNameTrackingValve.invoke(ApplicationNameTrackingValve.java:33)
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1040)
    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:607)
    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:313)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)

    [<YYYY-MM-DD>T<time>] [ERROR] ing.timer.TimerFactoryBean#0 com.vmware.vise.vim.security.sso.impl.NgcSolutionUser Login as solution user failed. java.security.cert.CertificateException: Unable to initialize, java.io.IOException: extra data given to DerValue constructor
    at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:199)
    at sun.security.provider.X509Factory.engineGenerateCertificate(X509Factory.java:97)
    at java.security.cert.CertificateFactory.generateCertificate(CertificateFactory.java:339)
    at com.vmware.vise.util.security.CertificateUtil.generateCertificate(CertificateUtil.java:80)
    at com.vmware.vise.vim.security.sso.impl.SsoCmLocatorImpl.getSsoServerInfoFromCM(SsoCmLocatorImpl.java:74)
    at com.vmware.vise.vim.security.sso.impl.SsoCmLocatorImpl.getSsoServerInfo(SsoCmLocatorImpl.java:54)
    at com.vmware.vise.vim.security.sso.impl.NgcSolutionUser.login(NgcSolutionUser.java:133)
    at com.vmware.vise.vim.security.sso.impl.NgcSolutionUser.getLoggedInToken(NgcSolutionUser.java:87)
    at com.vmware.vise.vim.cm.impl.DefaultLoginCallback.login(DefaultLoginCallback.java:30)
    at com.vmware.vise.vim.cm.impl.ComponentManagerServiceImpl$1.call(ComponentManagerServiceImpl.java:246)
    at com.vmware.vise.vim.cm.impl.ComponentManagerServiceImpl$1.call(ComponentManagerServiceImpl.java:243)
    at java.util.concurrent.FutureTask.run(FutureTask.java:262)
    at com.vmware.vise.vim.cm.impl.ComponentManagerServiceImpl.getCMInfo(ComponentManagerServiceImpl.java:227)
    at com.vmware.vise.vim.cm.impl.ComponentManagerServiceImpl.getServiceManager(ComponentManagerServiceImpl.java:194)
    at com.vmware.vise.vim.cm.impl.ComponentManagerServiceImpl.search(ComponentManagerServiceImpl.java:144)
    at com.vmware.vise.vim.cm.healthstatus.InventoryServiceHealth.getServiceInfo(InventoryServiceHealth.java:133)
    at com.vmware.vise.vim.cm.healthstatus.InventoryServiceHealth.getISHealthEndPoint(InventoryServiceHealth.java:199)
    at com.vmware.vise.vim.cm.healthstatus.InventoryServiceHealth.getInventoryServiceHealthStatus(InventoryServiceHealth.java:79)
    at com.vmware.vise.vim.cm.healthstatus.InventoryServiceHealth.getStatus(InventoryServiceHealth.java:63)
    at com.vmware.vise.vim.cm.healthstatus.CompositeClientHealthService.getStatus(CompositeClientHealthService.java:46)
    at com.vmware.vise.vim.cm.healthstatus.HealthStatusUpdater.update(HealthStatusUpdater.java:24)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:606)
    at org.springframework.util.MethodInvoker.invoke(MethodInvoker.java:273)
    at org.springframework.scheduling.support.MethodInvokingRunnable.run(MethodInvokingRunnable.java:65)
    at org.springframework.scheduling.timer.DelegatingTimerTask.run(DelegatingTimerTask.java:70)
    at java.util.TimerThread.mainLoop(Timer.java:555)
    at java.util.TimerThread.run(Timer.java:505)
    Caused by: java.io.IOException: extra data given to DerValue constructor
    at sun.security.util.DerValue.init(DerValue.java:384)
    at sun.security.util.DerValue.<init>(DerValue.java:294)
    at sun.security.x509.X509CertImpl.<init>(X509CertImpl.java:196)
    ...29 common frames omitted
    </time></time>
    :これらのログの抜粋は一例です。日付、時間、および環境変数は、環境によって異なる場合があります。

    vsphere_client_virgo.log ファイルは次の場所にあります。

    • Windows のインストール︰

      C:\ProgramData\VMware\vCenterServer\logs\vsphere-client\logs\vsphere_client_virgo.log

    • Appliance のインストール︰

      /var/log/vmware/vsphere-client/logs/vsphere_client_virgo.log

:前述のログの引用は単なる例です。日付、時間、および環境変数は、環境によって異なる場合があります。

Symptoms:
免責事項:これは英文の記事「VMware vSphere Web Client 6.0 in a High Availabilty Platform Service Controller environment fails with the error: An error occurred while sending an authentication request to the vCenter Single Sign-On server (2120514)」の日本語訳です。記事はベストエフォートで翻訳を進めているため、ローカライズ化コンテンツは最新情報ではない可能性があります。最新情報は英語版の記事で参照してください。

Environment

VMware vCenter Server 6.0.x
VMware vCenter Server Appliance 6.0.x

Resolution

この問題は、vCenter Server および vCenter Server Appliance 6.0 Update 1 で修正されました。VMware Downloads から入手できます。詳細については、『VMware vCenter Server 6.0 Update 1 Release Notes』を参照してください。

Additional Information

Configuring PSC 6.0 High Availability after upgrading from SSO 5.5 High Availability (2110879) VMware vSphere Web Client 6.0 in a High Availabilty Platform Service Controller environment fails with the error: An error occurred while sending an authentication request to the vCenter Single Sign-On server

Powered by Wolken Software