To work around this issue:
Note: Windows XP and Server 2003 has reached end of support and new hotfixes will not be available. For more information, see
Windows Support Has Ended.
For Windows Server 2003, 64-bit Windows XP, or 32-bit Windows XP, perform one of these options:
- Before installing the vSphere Client or vSphere PowerCLI, upgrade the Windows operating system on the host machine to Windows Vista or later.
- On the vCenter Server 5.1 and 5.5 host machine, modify the vpxd.cfg to reduce the implied security by allowing the server to communicate using weak cipher suites:
For Windows-based vCenter Server
- Connect to the vCenter Server using RDP.
- Navigate to the directory:
C:\ProgramData\VMware\VMware VirtualCenter\
- Backup the vpxd.cfg file. Do not skip this step.
- Open the vpxd.cfg file in a text editor
- Add the <cipherList>ALL</cipherList> parameter between the <ssl>...</ssl> section of the configuration file, for example:
<config>
...
<vmacore>
...
<ssl>
...
<cipherList>ALL</cipherList>
...
</ssl>
...
</vmacore>
...
</config>
- Save and close the vpxd.cfg file.
- Restart the vCenter Server service for the setting to take affect. For more information, see Stopping, starting, or restarting vCenter services (1003895).
For the vCenter Server Appliance
- Connect to the vCenter Server Appliance via SSH. For more information, see Enable or Disable SSH Administrator Login on the VMware vCenter Server Appliance in the vCenter Server and Host Management Guide.
- Navigate to the directory:
/etc/vmware-vpx/
- Backup the vpxd.cfg file. Do not skip this step.
- Open vpxd.cfg file in a plan text editor
- Add the <cipherList>ALL</cipherList> parameter between the <ssl>...</ssl> section of the configuration file, For example:
<config>
...
<vmacore>
...
<ssl>
...
<cipherList>ALL</cipherList>
...
</ssl>
...
</vmacore>
...
</config>
- Save and close the vpxd.cfg file.
- Restart the vCenter Server service for the change to take effect. For more information, see Stopping, starting, or restarting vCenter Server Appliance services (2054085).
On the ESXi 5.1 and 5.5 host, modify the
rhttpproxy service to reduce the implied security by allowing the host to communicate using weak cipher suites:
For ESXi 5.1 and 5.5
- Connect to the host via SSH. For more information, see Using ESXi Shell in ESXi 5.0 and 5.1 (2004746).
- Navigate to the directory:
/etc/vmware/rhttpproxy/
- Backup the config.xml file. Do not skip this step.
- Open config.xml file using vi editor. For more information, see Editing files on an ESX host using vi or nano (1020302).
- Add the <cipherList>ALL</cipherList> parameter between the <ssl>...</ssl> section of the configuration file. Use the model below as an example:
<config>
...
<vmacore>
...
<ssl>
<doVersionCheck> false </doVersionCheck>
<useCompression>true</useCompression>
<libraryPath>/lib/</libraryPath>
<handshakeTimeoutMs>120000</handshakeTimeoutMs>
<cipherList>ALL</cipherList>
</ssl>
...
</vmacore>
...
</config>
- Save and close the config.xml file
- Reset the rhttpproxy service for the change to take effect by running the command:
/etc/init.d/rhttpproxy restart
Additional Information
For translated versions of this article, see: