Symptoms:
免责声明:本文为 vCenter Server or Platform Services Controller certificate validation error for external VMware Solutions in vSphere 6.0 (2109074) 的翻译版本。尽管我们会不断努力为本文提供最佳翻译版本,但本地化的内容可能会过时。有关最新内容,请参见英文版本。
某些解决方案(如 VMware vCenter Site Recovery Manager、VMware vSphere Replication 或 VMware vCenter Support Assistant)可能会安装在 vCenter Server 系统或 Platform Services Controller 以外的其他计算机上。
如果替换了 vCenter Server 或 Platform Services Controller 上的计算机 SSL 证书,则在该解决方案尝试连接到 vCenter Server 或 Platform Services Controller 时会出现连接错误。原因是 vCenter Server 系统和 Platform Services Controller 使用新证书,但 VMware Lookup Service 的相应服务注册未更新。解决方案连接到 vCenter Server 或 Platform Services Controller 时,会查看包括服务 URL 和 sslTrust 字符串在内的服务注册。尽管成功替换了证书,但在默认情况下,sslTrust 字符串仍是 Base 64 编码的旧证书。
尝试连接到 vCenter Server 或 Platform Services Controller 时会看到以下错误:
- vSphere Replication
Unable to obtain SSL certificate: The vCenter Server vCenter_FQDN is not correctly registered in LookupService
- vCenter Site Recovery Manager
SRM server with GUID GUID of vCenter not paired.
Failed to connect to vCenter Server at vCenter_FQDN:443/sdk. Reason:
com.vmware.vim.vmomi.core.exception CertificateValidationException: Server certificate chain not verified.
-
VMware NSX for vSphere (NSX-v)
NSX Management Service operation failed.(Initialization of Admin Registration Service Provider failed. Root Cause: Error occurred while registration of lookup service, com.vmware.vim.vmomi.core.exception.CertificateValidationException: Server certificate chain not verified)
-
VMware Integrated OpenStack
Connection failed!
Please check whether the server has enabled SSO from management server log at:/installer.log.
在 VMware Integrated OpenStack installer.log 文件中,您会看到类似以下内容的条目:
[2015-04-10 14:49:18,848 main ERROR com.vmware.vim.install.impl.AdminServiceAccess] com.vmware.vim.vmomi.core.exception.CertificateValidationException: Server certificate chain not verified
[2015-04-10 14:49:18,849 main DEBUG com.vmware.vim.install.impl.AdminServiceAccess]
com.vmware.vim.sso.admin.exception.CertificateValidationException: com.vmware.vim.vmomi.core.exception.CertificateValidationException: Server certificate chain not verified
-
VMware vCenter Support Assistant
Something failed. Try Again.
com.vmware.vim.vmomi.core.exception.CertificateValidationException: Server certificate chain not verified
Server certificate chain not verified
peer not authenticated
-
VMware 客户体验改善计划
vSphere Web Client 报告:
Error occurred while processing request. Check vSphere WebClient logs for details.vsphere_client_virgo.log 报告类似以下内容的错误:
[2015-10-07T13:08:41.001Z] [ERROR] http-bio-9090-exec-3 70000101 100009 200004 com.vmware.vsphere.client.ceip.impl.CeipServiceImpl Error occurred in showNotification. com.vmware.vim.binding.vmodl.fault.SystemError:Internal server error.
有关日志位置的详细信息,请参见
Location of VMware vCenter Server 6.0 log files (2110014)。
注意:上述日志摘录仅为示例。日期、时间和环境变量可能会因环境而有所不同。
在以下任一情况下都可能出现该问题:
- 在嵌入式部署上替换计算机 SSL 证书。
- 在安装过程中将 Platform Services Controller 上的计算机 SSL 证书替换为外部 Platform Services Controller。
- 在安装过程中将 vCenter Server 系统上的计算机 SSL 证书替换为外部 Platform Services Controller。