Error "The service at https://vcda_ipaddress is currently not accessible" when accessing Cloud Director Availability plugin from vCenter
search cancel

Error "The service at https://vcda_ipaddress is currently not accessible" when accessing Cloud Director Availability plugin from vCenter

book

Article ID: 420634

calendar_today

Updated On:

Products

VMware Live Recovery

Issue/Introduction

  • SSL certificates is replaced on vCenter server. From vCenter UI --> Launching 'Cloud Provider DR and Migration' plugin, fails with error 'The service at https://vcda_ipaddress is currently not accessible. The original error message is: Authentication required ' .




  • If you click on the VCDA IP mentioned in the error "The service at https://VCDA_IP", it successfully redirects to VCDA portal.
  • Attempting to remove the VCDA(VMware Cloud Director Availability) plugin following Unregister the VCDA plugin from vCenter fails with error "Certificate differs from the expected one"



  • In '/opt/vmware/h4/manager/log/manager.log' of VCDA appliance, you see entries similar to:

     WARN - [UI-#####-#####-#####-#####-#####] [https-jsse-nio-8441-exec-8] c.v.h.c.s.BaseVsphereUiPluginInstaller   : Failed to cleanup remote plugin from VC: https://vCenter_URL:443/sdk

    com.vmware.exception.CertificateMismatchException: javax.net.ssl.SSLException: Certificate seen on the network differs from the certificate we expected
            at com.vmware.exception.converter.ClientExceptionConverter.convertException(ClientExceptionConverter.java:69)
            at com.vmware.vlsi.util.ExceptionConverterInterceptor.handleException(ExceptionConverterInterceptor.java:32)
            at com.vmware.vim.vmomi.client.common.impl.ResponseImpl.setError(ResponseImpl.java:263)
            at com.vmware.vim.vmomi.client.http.impl.HttpExchangeBase.setResponseError(HttpExchangeBase.java:356)
            at com.vmware.vim.vmomi.client.http.impl.HttpExchange.invokeWithinScope(HttpExchange.java:57)

Environment

Cloud Director Availability 4.7.x
vCenter Server 8.x

Cause

 This issue occurs when certain services on vCenter still contains reference to old SSL certificates leading to mismatch

Resolution

To resolve this issue,

  1. Review and fix SSL trust anchor mismatch on vCenter server following the instructions provided here - KB/322183 .
  2. SSH to vCenter server and restart all services by running the following command:

    service-control --stop --all && service-control --start --all

Powered by Wolken Software