VMware Cloud Community
KOMBill
Contributor
Contributor
‎11-13-2013 01:09 PM

Can't use Remote Console in Web Client: "SSL verification failure for 'My_ESXI_Host' due to a host thumbprint mismatch: stored thumbprint does not match certificate thumbprint."

I'm brand new to vSphere 5.5.  I just upgraded a 4.1U1 install and everything went well.  However, now that I'm trying to work with the web client, I can't actually connect to any of my VMs via the Launch Console functionality.  It spawns a new browser window and then gives me the error shown in the topic about a SSL cert thumbprint mismatch.  My Google-fu showed a VMware KB article about stopping the Web Client service an then going into %ProgramData%\VMware\vSphere Web Client\SerenityDB\ to delete whatever's there and restart the service - no effect.

Any clues?  I can still connect without issue using the standard 5.5 vi-client.

Reply
0 Kudos
3 Replies
573M4
Contributor
Contributor
‎11-21-2013 07:27 AM

Hi KOMBiII,

same problem here. Deleting SerenityDB + restarting the web client service didn´t work.

I searched the web but the only promising hit ( http://blog.docx.org/2013/02/22/vmware-vsphere-meldet-fehlerhaftes-ssl-zertifikat/ ) didn´t work, too...

btw. which browser did you use? At first the web client worked for me using IE 8 32bit @ Win 7 Pro 64bit. The problem started right after I tried to connect using google chrome 31.0.1650.57m on the same machine, because I wanted to know if that works so that I can connect to the vCenter Server from my linux box, too.

Reply
0 Kudos
KOMBill
Contributor
Contributor
‎11-21-2013 07:49 AM

I was using Chrome for my web client connection.  I still haven't found a fix for this issue, and apparently we are the only ones on the planet that have come across this.  I don't remember all my steps while getting used to the new stuff, but at some point I was using IE as well.  None of the big 3 browsers work for me.

Reply
0 Kudos
mknaup
Enthusiast
Enthusiast
‎02-04-2014 06:32 AM

Hi!

I suppose this isn't a current issue anymore, but I'm answering anyway in case anyone else experiences this issue.

I ran into this when testing an IPv6 setup. It occured once I configured an A and AAAA record for the ESXi hosts, which was necessary since the console plugin is broken (like a lot around the Web Client, but that's a different story...)

Bottom line: make sure there are no duplicate DNS entries for your ESXi hosts or the vCenter server, which means no second IP address for the same hostname. A hostname lookup must not return more than one IP address, no matter if A or AAAA.

Cheers,

Martin

Reply
0 Kudos