On ESXi 5.5, have been successfully using vim-cmd to power on/off VMs, but it has stopped working (was working last week).
Commands like 'vim-cmd vmsvc/getallvms' are working - but, 'vim-cmd vmsvc/power.off foobar' do not.
If I run 'vim-cmd -d trivia vmsvc/power.off foobar', then I can see that perhaps this is a certificate problem:
2015-09-21T13:20:44.138Z [FFDC85B0 info 'Default'] Logging uses fast path: true
2015-09-21T13:20:44.138Z [FFDC85B0 info 'Default'] Handling bora/lib logs with VmaCore facilities
2015-09-21T13:20:44.138Z [FFDC85B0 info 'Default'] Initialized channel manager
2015-09-21T13:20:44.138Z [FFDC85B0 info 'Default'] Current working directory: /
2015-09-21T13:20:44.139Z [FFE2BB70 info 'ThreadPool'] Thread enlisted
2015-09-21T13:20:44.139Z [FFE6CB70 info 'ThreadPool'] Thread enlisted
2015-09-21T13:20:44.140Z [FFEADB70 info 'ThreadPool'] Thread enlisted
2015-09-21T13:20:44.140Z [FFEEEB70 info 'ThreadPool'] Thread enlisted
2015-09-21T13:20:44.140Z [FFDC85B0 info 'ThreadPool'] Thread pool on asio: Min Io, Max Io, Min Task, Max Task, Max Concurency: 2, 200, 2, 10, 2147483647
2015-09-21T13:20:44.140Z [FFDC85B0 info 'ThreadPool'] Thread enlisted
2015-09-21T13:20:44.143Z [FFDC85B0 info 'Default'] Vmacore::InitSSL: handshakeTimeoutUs = 20000000
2015-09-21T13:20:44.143Z [FFDC85B0 info 'SysCommandPosix'] ForkExec(/usr/libexec/hostd/nssquery) 75710
2015-09-21T13:20:44.147Z [FFE2BB70 error 'HttpConnectionPool-000000'] [ConnectComplete] Connect failed to <cs p:1f3004a8, TCP:localhost:443>; cnx: (null), error: N7Vmacore3Ssl18SSLVerifyExceptionE(SSL Exception: Verification parameters:
--> PeerThumbprint: XX:49:XX:84:67:XX:24:43:XX:2C:D3:XX:55:44:XX:42:70:XX:4C:XX
--> ExpectedThumbprint:
--> ExpectedPeerName: localhost
--> The remote host certificate has these problems:
-->
--> * Host name does not match the subject name(s) in certificate.
-->
--> * unable to get local issuer certificate)
2015-09-21T13:20:44.147Z [FFDC85B0 info 'vmomi.soapStub[0]'] Resetting stub adapter for server <cs p:1f3004a8, TCP:localhost:443> : Closed
(vim.fault.NotFound) {
dynamicType = <unset>,
faultCause = (vmodl.MethodFault) null,
msg = "Unable to find a VM corresponding to "foobar"",
}
The "ExpectedThumbprint:" being empty seems suspect...
* I see nothing in logs that is of help..
* The certificate in /etc/vmware/ssl seems to be valid (does not expire until 2026)
* /etc/hosts has an entry for localhost - the CN in the cert is for 'localhost.localdomain'
* the licenses are valid...
Any help on where to dig next would be appriciated...
Thanks!
We saw this in diskless installs of ESXi that did not have the scratch redirected. See: VMware KB: Creating a persistent scratch location for ESXi 4.x/5.x/6.0
Hi Burl and welcome to the forums!
can you please try to generate new certificates for ESXi by following the instructions here?:
Generate New Self-Signed Certificates for ESXi
Andreas
That didn't help with my issue, but I'm sure it was good to do. Thanks!
Thanks for the tip. I've tried this already and it did not seem to work. I also set the sticky-bit on the .crt/.key files per another KB article that I saw - didn't work though.