I'm attempting to disable TLS 1.0 and 1.1 in a mixed environment where vcenter is 6.7 and ESXI hosts are 6.7 and 6.5 respectively. Through everything I have read i understand the utility does not run 100%. Higher version of 6.7 configurator displays and non-compatibile error with esxi 6.5. Attempting to run a 6.5 Tls configurator results in errors. I've attempted to disconnect the host from vcenter and attempt a standalone ESXI tls reconfiguration and am faced with a "Authd protocol error" see below. The host itself can't be upgraded to 6.7 as the model is not supported. Any assistance would be greatly appreciated.
Traceback (most recent call last): File "./reconfigureEsx", line 564, in <module>
main()
File "./reconfigureEsx", line 560, in main
args.func(args)
File "./reconfigureEsx", line 411, in ReconfigureStandaloneHost
ReconfigureHost(host, False, False, args.protocols, nfc, address)
File "./reconfigureEsx", line 446, in ReconfigureHost
ReconfigureRhttpproxy(host, nfc, address)
File "./reconfigureEsx", line 477, in ReconfigureRhttpproxy
client.Connect()
File "/usr/lib/vmware-vSphereTlsReconfigurator/EsxTlsReconfigurator/pyVim/nfclib.py", line 1054, in Connect
msg = self.GetAuthdResponse()
File "/usr/lib/vmware-vSphereTlsReconfigurator/EsxTlsReconfigurator/pyVim/nfclib.py", line 1130, in GetAuthdResponse
raise Exception("ERROR: Authd protocol error, "
Exception: ERROR: Authd protocol error, connection was closed prematurely
Hi, have the same problem in the same mixed Environment.
When i tried to Reconfigure the HOST (Vsphere6.5 version) with the TlsReconfigurator 6.7 of the Vcenter i had this error on unsupported version:
Host "eu-esx13.infser.it" is of unsupported version: 6.5.
Least supported version: 6.6.
To reconfigure 6.5 or 6.0 host, you need to use 6.5 or 6.0 EsxTlsReconfigurator respectively.
Skipping reconfiguration of ESXi host "eu-esx13.infser.it".
I installed the VMware-vSphereTlsReconfigurator-6.5.0-10629370.x86_64.rpm and i tried again but i had this ERROR:
ESXi Transport Layer Security reconfigurator, version=6.5.0, build=10629370
For more information refer to the following article: https://kb.vmware.com/kb/2147469
Log file: "/var/log/vmware/vSphere-TlsReconfigurator/EsxTlsReconfigurator.log".
Connecting to vCenter Server at: "localhost".
Password:
Validating product version at: "localhost".
Traceback (most recent call last):
File "./reconfigureEsx", line 564, in <module>
main()
File "./reconfigureEsx", line 560, in main
args.func(args)
File "./reconfigureEsx", line 238, in ReconfigureVCenterHosts
None)
File "./reconfigureEsx", line 195, in LocateVCenterEntities
for key, values in result.iteritems():
AttributeError: 'collections.defaultdict' object has no attribute 'iteritems'
I don't undestarnd what is happened, i attached my log. Seems that it is tryng to use the 6.7 version..
2020-05-04T14:06:43.824Z INFO Log file: "/var/log/vmware/vSphere-TlsReconfigurator/EsxTlsReconfigurator.log".
2020-05-04T14:06:43.824Z DEBUG ReconfigureVCenterHosts args: "Namespace(func=<function ReconfigureVCenterHosts at 0x7f9923160400>, host=['eu-.....it'], protocols=['TLSv1.1', 'TLSv1.2'], user='l....t')".
2020-05-04T14:06:43.824Z INFO Connecting to vCenter Server at: "localhost".
2020-05-04T14:06:50.417Z DEBUG Product serviceIntance: "'vim.ServiceInstance:ServiceInstance'"
2020-05-04T14:06:50.418Z INFO Validating product version at: "localhost".
2020-05-04T14:06:50.421Z DEBUG Product at "localhost" version: "6.7".
2020-05-04T14:06:50.437Z DEBUG LocateVCenterEntities type, names: "<class 'pyVmomi.VmomiSupport.vim.HostSystem'>", "['eu-esx13.infser.it']".
2020-05-04T14:06:50.456Z DEBUG vCenter Server located entities of type "<class 'pyVmomi.VmomiSupport.vim.HostSystem'>": "(ManagedObject) [
Thank you for the help!!
LEB
I was having the same problem and after some research I found python 3 is not supporting iteritems method.
So I have renamed result.iteritems() to result.items() in ./reconfigureEsx script also copy "cp /usr/lib/vmware/site-packages/pyVim/nfclib.py /usr/lib/vmware-vSphereTlsReconfigurator/EsxTlsReconfigurator/pyVim/nfclib.py" and issue got resolved.
Thank you,
Amit Parmar