During virtual machine backups, VDDK recorded that Avamar was using the previous SSL thumbprint "##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##" to communicate with vCenter, resulting in an SSL error when vCenter presented a new thumbprint after its certificate change.

No corresponding logs were recorded on the vCenter server for the specified time period.

The following log entries were found in/usr/local/avamarclient/var/avvcbimageAll.cmd located on the Avamar proxy appliance:

YYYY-MM-DD HH:MM:SS avvcbimage Info <>: Logging to /usr/local/avamarclient/var/<VM-Name>-vmimagel.log
YYYY-MM-DD HH:MM:SS avvcbimage Info <>: - Reading /usr/local/avamarclient/var/avvcbimage.cmd
YYYY-MM-DD HH:MM:SS avvcbimage Info <>: - Reading /usr/local/avamarclient/var/avvcbimageA11.cmd
YYYY-MM-DD HH:MM:SS avvcbimage Info <>: CTL listening on port 33027
YYYY-MM-DD HH:MM:SS avvcbimage Info <>: Setting ctl measage version to 3 (from 1)
YYYY-MM-DD HH:MM:SS avvcbimage Info <>: Setting ctl max message size to 268435456
YYYY-MM-DD HH:MM:SS avvcbimage Info <>: SSL Certificate Thumbprint: ##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##:##
YYYY-MM-DD HH:MM:SS avvcbimage Info <>: disable retry if curl tineout: false
2025-10-16 10:27:40 avvcbimage Info <>: download datastore information: true
YYYY-MM-DD HH:MM:SS avvcbimage Info <>: max HTTP attempts to vCenter: 3
2025-10-16 10:27:40 avvcbimage Info <>: HTTP attempt interval 10000 milli-seconds
YYYY-MM-DD HH:MM:SS avvcbimage Info <>: setParent (): sGuestlame= sProxyHostName=<Proxy Name> avCentername=<vCenter FQDN> sGuestVmName=<VM Name> sVmxPath=<Datastore> 
YYYY-MM-DD HH:MM:SS avvcbimage Info <>: vcApiVersion 6.5
YYYY-MM-DD HH:MM:SS avvcbimage Info <>: VSphereHTTP :: vcVersion65 will be true
YYYY-MM-DD HH:MM:SS avvcbimage Info <>: job type = 4
YYYY-MM-DD HH:MM:SS avvcbimage Warning <>: Soap fault detected, Connection problem with WS ticket, Mag:'SOAP 1.1 fault: SOAP-ENV:Client [no subcode] "SSL error" Detail: SSL certificate authentication error in top_connect ()
YYYY-MM-DD HH:MM:SS avvcbimage Warning <>: [IMG] Problem logging into URL '<vCenter FQDN>' with session cookie.
YYYY-MM-DD HH:MM:SS avvcbimage Info <>: Logging into URL '<vCenter FQDN>' with user '[email protected]' credentials.
YYYY-MM-DD HH:MM:SS avvcbimage Warning <>: Soap fault detected, Connection problem 5.0, Msg: 'SOAP 1.1 fault: SOAP-ENV:Client [no subcode] "SSL error" Detail: S5L certificate authentication error in top_connect ()
YYYY-MM-DD HH:MM:SS avvcbimage Error <>: [IMG] Problem logging into URL '<vCenter FQDN>' with user '[email protected]'
YYYY-MM-DD HH:MM:SS avvcbimage Info <>: Starting graceful (staged) termination, Failed to log into web service. (wrap-up stage)
YYYY-MM-DD HH:MM:SS avvcbimage Warning <>: Login failed
YYYY-MM-DD HH:MM:SS avvcbimage Info <>: isExitOK()=208
YYYY-MM-DD HH:MM:SS avvcbimage Info <>: Body- abortrecommended(t)
YYYY-MM-DD HH:MM:SS avvcbimage Info <>: vmparams ()
YYYY-MM-DD HH:MM:SS avvcbimage Info <>: isExitOK()-208
YYYY-MM-DD HH:MM:SS avvcbimage Info <>: Value of runflags.m_allDisksIncluded is true
YYYY-MM-DD HH:MM:SS avvcbimage Error <>: [IMG0009] Create Snapshot: snapshot creation/pre-script/post-script fail d.
YYYY-MM-DD HH:MM:SS avvcbimage Info <>: 1sExitOK()=208
YYYY-MM-DD HH:MM:SS avvcbimage Info <>: snapshot created:false NOMC:false ChangeBlTrackingAvail:true UsingChBl:true, ExitOK:false, cancelled:false, fatal: true
YYYY-MM-DD HH:MM:SS avvcbimage Warning <>: Soap fault detected, Connection problem with WS ticket, Msg: 'SOAP 1.1 fault: SOAP-ENV:Client [no subcode] "SSL error" Detail: SSL certificate authentication error in tep_connect ()

• Avamar relies on the vCenter SSL certificate for authentication and backups.
• If the vCenter server’s SSL certificate is replaced but the new thumbprint is not applied to Avamar proxies, certificate authentication fails and image-based backups are interrupted.