HCX Site Pairing failed with the error "Login to # failed. Cannot authenticate using the provided credentials".
search cancel

HCX Site Pairing failed with the error "Login to # failed. Cannot authenticate using the provided credentials".

book

Article ID: 414159

calendar_today

Updated On:

Products

VMware

Issue/Introduction

  • HCX Site Pairing failed with the UI Error "Login to <IP/FQDN> failed. Cannot authenticate using the provided credentials".
  • The following error was observed in the HCX source /common/logs/admin/web.log 
    <timestamps> [https-jsse-nio-127.0.0.1-8443-exec-4, Ent: HybridityAdmin, , TxId: TxId: ########-####-####-####-#############] ERROR c.v.v.h.api.registration.CloudConfig- Remote HCX login failed, response: {"status":"SUCCESS","statusCode":401,"reason":"","headers":[{<Time Stamp>},{"Server":"Apache"},{"x-transaction-id":"########-####-####-####-#############"},{"X-Content-Type-Options":"nosniff"},{"X-XSS-Protection":"1; mode=block"},{"Cache-Control":"no-cache, no-store, max-age=0, must-revalidate"},{"Pragma":"no-cache"},{"Expires":"0"},{"Strict-Transport-Security":"max-age=31536000 ; includeSubDomains"},{"X-Frame-Options":"SAMEORIGIN"},{"vary":"accept-encoding"},{"Content-Type":"application\/json"},{"Content-Security-Policy":"style-src 'self' 'unsafe-inline'; font-src 'self' data:; img-src 'self' data:;"},{"Referrer-Policy":"no-referrer"},{"Keep-Alive":"timeout=5, max=100"},{"Connection":"Keep-Alive"},{"Transfer-Encoding":"chunked"}],"cookies":[],"result":"{\n  \"timestamp\" : ############,\n  \"status\" : 401,\n  \"error\" : \"Unauthorized\",\n  \"path\" : \"\/hybridity\/api\/sessions\"\n}"}

    <timestamps> [https-jsse-nio-127.0.0.1-8443-exec-4, Ent: HybridityAdmin, , TxId: TxId: ########-####-####-####-#############] WARN  c.v.v.h.api.registration.CloudConfig- Login to https://<IP/FQDN> failed. Cannot authenticate using provided credentials
  • The following error was observed in the HCX destination /common/logs/admin/web.log 
    <timestamps> [https-jsse-nio-8443-exec-7, , , TxId: ] ERROR c.v.v.h.a.HybridityAuthenticationEntryPoint- AuthenticationEntryPoint - got AuthenticationException

    org.springframework.security.authentication.BadCredentialsException: Error validating user <username>@vsphere.local: Status code: 500, Reason: Internal Server Error<?xml version='1.0' encoding='UTF-8'?><S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"><S:Body><S:Fault xmlns:ns4="http://www.w3.org/2003/05/soap-envelope"><faultcode xmlns:ns0="http://docs.oasis-open.org/ws-sx/ws-trust/200512">ns0:FailedAuthentication</faultcode><faultstring>Invalid credentials</faultstring></S:Fault></S:Body></S:Envelope>

            ....
    Caused by: java.lang.RuntimeException: Error validating user <username>@vsphere.local: Status code: 500, Reason: Internal Server Error<?xml version='1.0' encoding='UTF-8'?><S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"><S:Body><S:Fault xmlns:ns4="http://www.w3.org/2003/05/soap-envelope"><faultcode xmlns:ns0="http://docs.oasis-open.org/ws-sx/ws-trust/200512">ns0:FailedAuthentication</faultcode><faultstring>Invalid credentials</faultstring></S:Fault></S:Body></S:Envelope>

    <timestamps>  [https-jsse-nio-8443-exec-7, , , TxId: ] ERROR c.v.v.h.a.HybridityAuthenticationEntryPoint- Sending Response Error 401 for /hybridity/api/session

Environment

VMware HCX

Cause

The username or password used for establishing the Site Pairing is incorrect.

Resolution

Provide a user from the destination/target site's SSO configuration. The user must be included in the HCX Role-Mapping Group configuration.

Note: The [email protected] user is included by default.

To ensure the username and password are correct, log in to the target vCenter using the same credentials and verify that you can log in.

 

Additional Information

Add a Site Pair

Powered by Wolken Software