Hi everybody,
As mentioned in the thread description, I have a problem with adding a new VMware vCloud Director connection within the VMware Orchestrator configuration.
The problem is the following:
I log in to the Orchestrator (configuration page -> https://ot001m1.fqdn:8283) and open up "vCloud Director 5.1"-plugin and click on "New vCloud Director Connection".
I'm entering the following information to connect to the vCloud:
Available: yes
Host: devcloud-portal.fqdn
Port: 443
Max connections: 600
Connection timeout (ms): 20000
Organization: system
Authentication strategy: Basic Authentication
Shared Session: User/Pass
After adding all information, I'm hitting the "Apply changes" button and the plugin is trying to reach the vCloud-Director(s),
but it's only throwing me an error:
Peer not authenticated or
Connection timed out
The login credentials I provided are correct and I also added some certificates to the "SSL Trust Manager" in Orchestrator Network tab...
I also created a new certificate with SAN attributes (Subject alternative names), in case that Orchestrator is checking for SSL certificate compliance...
Do I need to import the SSL cert (incl. the SAN attributes) to the vCloud Director Cells?
I have some screenshots attached, to display the issue in a graphical method...
I hope someone is able to help me out, to understand what the problem in my configuration is.
Some details of my configuration:
vCenter Setup: VMware vSphere 5.1 environment + ESXi hosts running ESXi 5.1 build 1065491
vCloud Setup: each vCloud Director is using vCloud 5.1.1 (two vCloud Directors running)
Orchestrator: Orchestrator Appliance 5.1.1 build 2942
vShield: vShield Manager Appliance 5.1.2 build 943471
The vShield Appliance is used for load balancing -> both vCloud Cell Directors were load balanced via vShield
Please let me know if you need more information about the setup.
Thanks in advance and greetings,
Steven
Do you have a root user in the administrator group of the system organization? If not, then this is the problem.
Hi cdecanini_,
First of all: Thanks for your reply.
The root-user is the user who was created during installation of the vcloud vm's.
When I try to log in to the vcloud-portal (Web interface), I also use the root user.
After login I can see the root-user is already part of the System-Administrator group.
When I use a different organization, "dev" or "catalog" for example and use another user with the role "organization admin" this is also not working.
Very strange to me ...
greetz,
Steven
You mentioned you have imported SSL certificates. Have you imported the one from the vCD cell (by typing its URL)?
BTW your screenshots do not show a root user in the system org.
Hi,
yep but I made another screenshot (hoping this is the correct one), showing the root-user.
I imported the SSL certificates via file-upload and by typing the url, but here is the problem:
The vCD-cells (cd001c1 and cd002c1) are using the same certificate (see attached screenshot).
And the "Common Name" is showing "devcloud-portal".fqdn only.
Do I need to have an SSL certificate installed matching all host-names of vCD cells (Subject alternative names)?
Maybe this is the problem?
greetings,
Steven