Re: Does vSphere 6.7 sdk handle certificates diffe...

abmark · ‎05-07-2018

Using vSphere sdk 6.5 the communication works perfectly.
Using vSphere sdk 6.7 (and 6.5) on vCenter 6.7, the communication does not work and I receive the following message:
"An error occurred while making the HTTP request to https://10.78.13.45/sdk. This could be due to the fact that the server certificate is not configured properly with HTTP.SYS in the HTTPS case. This could also be caused by a mismatch of the security binding between the client and the server."

Everything ESXi(s) work(s) fine, as well vCenter, just I am not able to communicate with vCenter using sdk 6.7.

peetz · ‎05-07-2018

Hi Alesandro,

this is pobably related to TLS version support changes in vSphere 6.7. vSphere 6.7 supports only TLS 1.2 (but not 1.1 or 1.0 by default).

More info here: Support for Transport Security Layer 1.2 and here: VMware Knowledge Base

This KB article explains how to enable TLS 1.2 e.g. for PowerCLI (and other .NET Framework based programs): VMware Knowledge Base

- Andreas

Twitter: @VFrontDe, @ESXiPatches | https://esxi-patches.v-front.de | https://vibsdepot.v-front.de

len_rat · ‎05-15-2019

I had a simular issue because I used another powershell module that used the older SSLv3 and TLS1. After commands form the non-powercli module where finished the whole powershell instance was reverted back to the default security mechanism. Then powercli will revert also back to the use of TLS which is not supported by default on Vcenter 6.7. Three possible solutions are:

- Easiest but not recommended: Revert vcenter back to use older TLS versions

- Run the commands for the other module in a seperate powershell instance, background job (start-job)

- After the other module commands are completed revert the session backup to TLS1.2

[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

All

Does vSphere 6.7 sdk handle certificates differently from 6.5?