vCenter Integration / data collection failure in VCF Operations 9.0 with SSLHandshakeException
search cancel

vCenter Integration / data collection failure in VCF Operations 9.0 with SSLHandshakeException

book

Article ID: 421016

calendar_today

Updated On:

Products

VCF Operations

Issue/Introduction

Integrating a vCenter Server with VCF Operations 9.0 fails with the error "SSLHandshakeException occurred during connection to VCF" when validating or saving the cloud account.

Complete error message:

"SSLHandshakeException occurred during connection to VCF. Please verify the certificates and accept them The cloud account(VCF) SDDC cannot be saved. SDDC not found"

The issue occurs specifically for vCenter instances managed under VMware Cloud Foundation (VCF). The error appears after replacing or renewing the vCenter certificate.

Adapter Logs @ /storage/log/vcops/log/adapters/VMwareAdapter/VMwareAdapter_(Internal_id).log

ERROR VMwareAdapter 18536 [ops@4413 threadId="179" threadName="Collector worker thread 15" instanceId="ID"] [(Internal ID) com.integrien.adapter.vmware.VMwareAdapter.initializeVimClient] - Unable to connect to VC https://<vCenter_FQDN>/sdk
 com.vmware.vim.vmomi.client.exception.SslException: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
 .
 .
 Caused by: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Environment

VCF Operation 9.0
vCenter 8.x / 9.0

Cause

The SSL handshake fails because the new vCenter CA-signed certificate is not trusted by VCF Operations. The adapter logs confirm the failure due to:

“unable to find valid certification path to requested target” (PKIX path building failure).

This occurs when:

  • vCenter certificate was recently replaced or renewed & the updated vCenter certificate is not present in the VCF Operations trusted certificate store

Resolution

Step 1: Export the vCenter Server Certificate

  1. Open a browser and navigate to the vCenter Server URL.

  2. Click the Lock icon → Connection is secure.

  3. Select Show certificate.

  4. Go to the Details tab.

  5. Select the leaf/server certificate from the hierarchy.

  6. Click Export, and save it as Base64-encoded ASCII (.pem / .crt).

Step 2: Import the Certificate into VCF Operations

  1. Log in to VCF Operations UI.

  2. Navigate to Administration → Control Panel.

  3. Go to Trusted Certificates → Import.

  4. Upload the exported certificate.

  5. Review the certificate details and Import.

Step 3: Revalidate the Integration

  1. Go to Integrations in VCF Operations.

  2. Click Validate Connection.

  3. Click Save.

  4. vCenter data collection will resume successfully.

Powered by Wolken Software