VMware Cloud Community
jketron
Enthusiast
Enthusiast
‎12-21-2007 12:11 PM
Jump to solution

3.5 is answering SSL Handshakes from web servers , how do I stop it?

I have a single server with 3.5 loaded and it is on the same network as a Linux web server that is not vitualized and has nothing to do with ESX but the fact they are on the same network. When a customer now goes to the website that has been running fine for years and the SSL cert was fine they now get a error that states the name on the security certificate is invalid If you check the certification path you see that it came from the ESX physical host, there are no VM's loaded at all yet so its none of them.

How do I stop ESX from answering and issuing SSL certificates?

0 Kudos
1 Solution

Accepted Solutions
Dave_Mishchenko
Immortal
Immortal
‎12-21-2007 12:37 PM
Jump to solution

It sounds like you have a duplicate IP address problem. Perhaps someone added a service console port to the ESX host. What do you see if you go to http://<ip_of_linux> and continue to the website ignoring the warning message?

View solution in original post

0 Kudos
4 Replies
mike_laspina
Champion
Champion
‎12-21-2007 12:22 PM
Jump to solution

It is not possible for a ESX host to issue a cert to the WEB server without file write access to the web server configuration. I suggest you bring down the esx host and investigate further.

http://blog.laspina.ca/ vExpert 2009
0 Kudos
jketron
Enthusiast
Enthusiast
‎12-21-2007 12:29 PM
Jump to solution

it is answering the SSL handshake some how

The two servers are on the same switch and same network, that is the only thing in common. These two servers should never need to communicate. I have turned the ESX server off and the orginal web server runs just fine.

How do I stop it from answering the handshake? it some how thinks it is a SSL cert server or something

0 Kudos
Dave_Mishchenko
Immortal
Immortal
‎12-21-2007 12:37 PM
Jump to solution

It sounds like you have a duplicate IP address problem. Perhaps someone added a service console port to the ESX host. What do you see if you go to http://<ip_of_linux> and continue to the website ignoring the warning message?

0 Kudos
mcowger
Immortal
Immortal
‎12-21-2007 01:35 PM
Jump to solution

Definitly sounds like a dup IP or a problem with PAT or NAT.

--Matt

--Matt VCDX #52 blog.cowger.us
0 Kudos