I've found vSphere HA agent on one ESXi 5.1.0 host disabled. I'm trying to reconnect but with no success. Searching vpxd log on vCSA I suppose some certificate problem to be reason:
2013-09-16T13:06:48.973+02:00 [7FFB63D80700 error 'Default'] SSLStreamImpl::DoClientHandshake (0
0007ffb56997f10) SSL_connect failed. Dumping SSL error queue:
2013-09-16T13:06:48.973+02:00 [7FFB63D80700 error 'Default'] [0] error:14090086:SSL routines:SSL
3_GET_SERVER_CERTIFICATE:certificate verify failed
2013-09-16T13:06:48.973+02:00 [7FFB63D80700 error 'HttpConnectionPool-000001'] [ConnectComplete]
Connect failed to <cs p:00007ffb7b740070, TCP:mrak.racom.cz:443>; cnx: (null), error: N7Vmacore
3Ssl18SSLVerifyExceptionE(SSL Exception: Verification parameters:
--> PeerThumbprint: 08:EC:23:C0:78:C9:24:A3:F0:83:A8:CC:40:51:95:86:D9:43:7F:E4
--> ExpectedThumbprint:
--> ExpectedPeerName: mrak.racom.cz
--> The remote host certificate has these problems:
-->
--> * Host name does not match the subject name(s) in certificate.
-->
--> * unable to get local issuer certificate)
2013-09-16T13:06:48.978+02:00 [7FFB68AF8700 info 'commonvpxLro' opID=6c47530e] [VpxLRO] -- FINIS
H task-internal-89757948 -- datacenter-2 -- vim.Datacenter.queryConnectionInfo --
2013-09-16T13:06:48.978+02:00 [7FFB68AF8700 info 'Default' opID=6c47530e] [VpxLRO] -- ERROR task
-internal-89757948 -- datacenter-2 -- vim.Datacenter.queryConnectionInfo: vim.fault.SSLVerifyFau
lt:
--> Result:
--> (vim.fault.SSLVerifyFault) {
--> dynamicType = <unset>,
--> faultCause = (vmodl.MethodFault) null,
--> selfSigned = false,
--> thumbprint = "08:EC:23:C0:78:C9:24:A3:F0:83:A8:CC:40:51:95:86:D9:43:7F:E4",
--> msg = "",
--> }
--> Args:
-->
Following VMware KB: Cannot add or connect an ESXi 4.1 host to vCenter Server 5.x I've checked SSL in SoftwareAdvanced Setting (see attachement) but I see no security.host.ruissl in /etc/vmware/config. Any idea, please?
