Opening a VMRC Console from VMware vRealize Automation to a vCloud Director virtual machine fails with the error: SSL verification failure for "virtual_console" due to a host thumbprint mismatch
search cancel

Opening a VMRC Console from VMware vRealize Automation to a vCloud Director virtual machine fails with the error: SSL verification failure for "virtual_console" due to a host thumbprint mismatch

book

Article ID: 342178

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

Symptoms:
  • Opening a VMRC console connection from the self-service portal in VMware vRealize Automation (formerly known as VMware vCloud Automation Center) to a virtual machine provided by vCloud Director (vCD) fails.
  • The VMRC console screen is blank and displays an error.
  • The VMRC log files contain entries similar to:

    YYYY-MM-DDT10:44:08.978-06:00| vmrc| I120: cui::CertificateCheck::CheckCertEmbedded - SSL verification failure for "virtual_console" due to a host thumbprint mismatch: stored thumbprint "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" does not match cert thumbprint "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11".
    YYYY-MM-DDT10:44:08.978-06:00| vmrc| I120: cui::vmrc::DlgMgrImpl: "SSL verification failure for "virtual_console" due to a host thumbprint mismatch: stored thumbprint "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" does not match cert thumbprint "11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11:11"."
    YYYY-MM-DDT10:44:08.987-06:00| vmrc| I120: cui::vmrc::VMCnx::OnConnectAborted: Connect cancelled for MOID "vm-2420" on "virtual_console"

    Note: For more information on log locations, see Location of vCloud Director VMRC client log files(2001071).


Environment

VMware vCloud Automation Center for Server 5.2.x
VMware vCloud Automation Center for Desktop 5.2.x

Cause

This issue occurs when VMware vRealize Automation (formerly known as VMware vCloud Automation Center) requests a ticket for use with the VMRC connection from a vCD cell. The resulting ticket contains the SSL Certificate thumbprint from the issuing vCD cell. If the VMRC connection is initiated to a cell that has a different certificate, the thumbprints do not match and the connection is aborted.

Resolution

To resolve this issue, generate a common certificate that can be used across all cells in your vCD environment and install it on each cell.

For more information, see Generating SSL certificates for VMware vCloud Director (1026309).


Additional Information

Generating SSL certificates for VMware vCloud Director 1.x/5.x
Location of vCloud Director VMRC client log files

Powered by Wolken Software