Error: "Unable to connect to vCenter" when creating a new replications
search cancel

Error: "Unable to connect to vCenter" when creating a new replications

book

Article ID: 401451

calendar_today

Updated On:

Products

VMware Cloud Director

Issue/Introduction

  • Creating a new replication fails with the below error :

    Unable to connect to vCenter '########-####-####-########3217'.
  • In the /opt/vmware/h4/cloud/log/cloud.log on the  source site the below error is present:

    DATE TIME ERROR - [UI-########-####-####-########0186-###4-GZ-oR-bDR-oc] [job-84] com.vmware.h4.jobengine.JobExecution : Task ########-####-####-########ca32 (WorkflowInfo{type=
    '__private_sourceVmDetails', resourceType='VcdVm', resourceId='########-####-####-########509f', isPrivate=true, resourceName='null'}) has failed

    com.vmware.h4.replicator.api.exceptions.FailedToAcquireVcConnection: Unable to connect to vCenter '########-####-####-########3217'.
            at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
            at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:77)
            at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
    [...]

  • In the /opt/vmware/h4/replicator/log/replicator.log on the  source site the below error is present:

    DATE TIME ERROR - [UI-########-####-####-########0186-##4-GZ-oR-bDR-oc-eP-PC] [https-jsse-nio-8043-exec-5] c.v.h.c.c.error.ExceptionAdvisorBase : A GET request from System@example[##.##.##.##.##] to /inventory/########-####-####-########3217/vms/vm-####75 failed.
    com.vmware.h4.replicator.api.exceptions.FailedToAcquireVcConnection: Unable to connect to vCenter '########-####-####-########3217'.
            at com.vmware.h4.replicator.vc.VcConnector.acquire(VcConnector.java:355)
            at com.vmware.h4.replicator.vc.VcConnector.acquireLatest(VcConnector.java:329)
            at com.vmware.h4.replicator.vc.inventory.VcInventoryService.getVm(VcInventoryService.java:212)

    AND

    DATE TIME DEBUG - [UI-########-####-####-########0186-###4-GZ-oR-bDR-oc-eP-PC] [https-jsse-nio-8043-exec-5] com.vmware.h4.replicator.vc.VcConnector : Unable to connect to VC ########-####-####-########3217
    com.vmware.vim.sso.client.exception.InternalError: Cannot sign request message
            at com.vmware.vim.sso.client.impl.SecurityTokenServiceImpl$RequestResponseProcessor.executeRoundtrip(SecurityTokenServiceImpl.java:897)
    [....]

    Caused by: com.vmware.vim.sso.client.impl.exception.SignatureException: Error while creating SOAP request signature
            at com.vmware.vim.sso.client.impl.signature.WsSecuritySignatureImpl.sign(WsSecuritySignatureImpl.java:162)
            at com.vmware.vim.sso.client.impl.SecurityTokenServiceImpl$RequestResponseProcessor.executeRoundtrip(SecurityTokenServiceImpl.java:888)
            ... 134 common frames omitted
    Caused by: javax.xml.crypto.dsig.XMLSignatureException: java.security.InvalidKeyException: No installed provider supports this key: sun.security.ec.ECPrivateKeyImpl
            at java.xml.crypto/org.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(DOMXMLSignature.java:424)
            at com.vmware.vim.sso.client.impl.signature.WsSecuritySignatureImpl.sign(WsSecuritySignatureImpl.java:148)
            ... 135 common frames omitted
    Caused by: java.security.InvalidKeyException: No installed provider supports this key: sun.security.ec.ECPrivateKeyImpl
            at java.base/java.security.Signature$Delegate.chooseProvider(Signature.java:1303)
            at java.base/java.security.Signature$Delegate.engineInitSign(Signature.java:1373)
            at java.base/java.security.Signature.initSign(Signature.java:635)
            at java.xml.crypto/org.jcp.xml.dsig.internal.dom.DOMSignatureMethod.sign(DOMSignatureMethod.java:377)
            at java.xml.crypto/org.jcp.xml.dsig.internal.dom.DOMXMLSignature.sign(DOMXMLSignature.java:421)
            ... 136 common frames omitted

Environment

VMware Cloud Director Availability 4.7.3

Cause

A custom certificate from the Certificate Authority (CA) Let's Encrypt is used for the replicator service. Let's Encrypt CA by default issues certificates using ECDSA private keys by default.
VMware Cloud Director Availability only accept certificate using RSA key type as per documentation at Upload a CA-signed SSL certificate

Resolution

Regenerating the certificate on the replicator service with a certificate issued by  Let's Encrypt and using an RSA key type or replacing the certificate on the replicator service with a self-signed certificate.

For additional information on regenerating the certificate on the replicator visit the documentation Replace the SSL certificate of the Replicator Service.

Powered by Wolken Software