VMware Horizon Community
Marc_P
Enthusiast
Enthusiast

Can't Accept Default SSL Certificate after Upgraded to vSphere 5.1

In my View Manager when I go to View COnfiguration > Servers and click Edit it asks me to accept the SSL certificate.

If I click Accept I get an error:

Cannot connect to the vCenter Server {0} because the user name or password is not valid.

I'm a bit reluctant to delete the server. When I upgraded to 5.1 I had to create a new SSL certificate for vCenter because it had expired.

I'm a bit stuck because I can't manage my View machines until this certificate is accepted.

Any help appreciated!

9 Replies
mittim12
Immortal
Immortal

No issues connecting to vCenter with the username/password specified for that server during configuration?

Reply
0 Kudos
Marc_P
Enthusiast
Enthusiast

No issues with logging in with the username and password during configuration.

Reply
0 Kudos
mittim12
Immortal
Immortal

What if you go into the dashboard, system health, vcenter, and click on the entry there.   Does it say anything about the certificate?

Reply
0 Kudos
Marc_P
Enthusiast
Enthusiast

The only thing it mentions is:

For self-signed certificate, click 'Verify'.
If the vCenter Server certificate can be validated, make sure that the trusted store on the View Connection Server system has the correct Certificate Authorities. Additional options

I get the same error if I try and accept the certificate :confused_face:

Reply
0 Kudos
mittim12
Immortal
Immortal

Do you have the ability to try a new trusted certificate?

http://kb.vmware.com/kb/2032400

Reply
0 Kudos
LWCSteve
Contributor
Contributor

I am having the exact same issue with my upgrade. I can't accept the Vcenter certificate. It fails with the same message "

Cannot connect to the vCenter Server {0} because the user name or password is not valid."

Has anyone found a resolution for this?

Reply
0 Kudos
waynej
Contributor
Contributor

I just experienced the same issue when upgrading from View 5.0 on vSphere 5.0 to Horizon View 5.2 on vSphere 5.1 U1.  I was able to accept the certificates for various components except vCenter.  The security event log on the vCenter server showed a failed login attempt using the configured credentials in Horizon View.  When I attempted to modify the vCenter settings to change the account credentials in Horizon View Administrator console, it required me to accept the certificate before it would modify the settings.  At this point I had to contact VMware support.

VMware support used ADSI Edit to modify the ADAM database. I believe the problem was probably only that the account did not have my domain prefix in the username field, but they ended up modifying quite a few more settings (account name, encrypted password, ssl cert settings).  Long story short:  they changed the UNIQUEID of the vCenter server, added a new vCenter server and then transferred the settings back to the original entry before deleting the new entry and restoring the UNIQUEID in the ADAM database.

Reply
0 Kudos
elsnook
Contributor
Contributor

My solutions was similar to waynej.  I had to manually edit the ADAM database to change my username to include the domain prefix in the username field.

  1. Log in to one of the View Connection Servers as the domain administrator.
  2. Click Start > Administrative Tools > ADSI Edit.
  3. In the console window, right-click ADSI Edit and click Connect to.
  4. In the Name field type: View ADAM Database
  5. Select Select or type a Distinguished Name or Naming Context.
  6. In the field below, type dc=vdi,dc=vmware,dc=int
  7. Select Select or type a domain or server.
  8. In the field below, type localhost
  9. Click OK.
  10. Click View ADAM Database [localhost] to expand.
  11. Click DC=vdi,dc=vmware,dc=int to expand.
  12. Navigate to OU=Properties,OU=VirtualCenter
  13. Edit the properties of the key
  14. Add the domain prefix the following attributes: pae-SVIUserName and paeVCUserName
  15. Restarted the connection server
zzJohnzz
Contributor
Contributor

Thank you for posting your fix, I had the exact same issue and adding the domain\ to my username fixed it.

Thanks!

Reply
0 Kudos