Enthusiast
Enthusiast

vSphere 6 - The SSL certificate of STS service cannot be verified

Jump to solution

Hi

Has anyone got NSX working with vSphere 6?

When I try to connect the NSX Manager to the vCenter lookup service I get the following error.

"NSX Management Service operation failed.( Initialization of STS Clients failed. Root Cause: The SSL certificate of STS service cannot be verified )"

Any idea on why this might be happening?

NSX Version: 6.1.2 Build 23182

vCenter Version: 6.0 Build 2155940

Thanks

David

Tags (2)
1 Solution

Accepted Solutions
VMware Employee
VMware Employee

There is no supported NSX version out at the moment. 6.1.2 will not work.

See please:

KB 2110293

"....

Compatibility considerations

vSphere 6.0:

Compatible versions of vCloud Director (vCD) and NSX for vSphere (NSX-v) will be available soon. If your environment has NSX-v or vCD, VMware recommends waiting for the availability of these compatible versions before you start your vSphere upgrade.

..."

6.1.3 should be out soon... ( I cannot give you date unfortunately )

Regards,

Roland

View solution in original post

0 Kudos
12 Replies
VMware Employee
VMware Employee

There is no supported NSX version out at the moment. 6.1.2 will not work.

See please:

KB 2110293

"....

Compatibility considerations

vSphere 6.0:

Compatible versions of vCloud Director (vCD) and NSX for vSphere (NSX-v) will be available soon. If your environment has NSX-v or vCD, VMware recommends waiting for the availability of these compatible versions before you start your vSphere upgrade.

..."

6.1.3 should be out soon... ( I cannot give you date unfortunately )

Regards,

Roland

View solution in original post

0 Kudos
Enthusiast
Enthusiast

Hi Roland,


That would explain it, Many thanks.

A bit misleading with NSX being version 6 Smiley Wink


Regards


David

0 Kudos
Enthusiast
Enthusiast

Ugh! The NSX 6.1 documentation center states ESXi 5.5 or later. ESXi 6 seems to be later than 5.5. Would have been nice for the caveat to be more definitive in the NSX 6.1 documentation.

0 Kudos
Enthusiast
Enthusiast

NSX 6.1.3 just got released today. I just finished upgrading my NSX Manager from 6.1.2 to 6.1.3 (vSphere 6 supported) and still get that same error when trying to configure the Lookup service. Must be a bug.

0 Kudos
VMware Employee
VMware Employee

Is the DNS OK resolving the lookup service? Isn't there an alias defined for it or for the vCenter?

0 Kudos
VMware Employee
VMware Employee

One more thing. Did you use port 443 for the lookup service? It is not 7444 in vSphere 6.0

Contributor
Contributor

SRoland, change port to 443 has worked for me in vShield Manager 5.5.4 (VMware vCloud Networking and Security) with vCenter 6.0

Contributor
Contributor

Port 443 worked for me with NSX 6.1.3 and vSphere 6

0 Kudos
Enthusiast
Enthusiast

Thanks! Port 443 worked. Odd that port 7444 defaults on that screen. I never actually put the 7444 in myself.

0 Kudos
Enthusiast
Enthusiast

Thanks for posting this! I had a similar error trying to get vShield Manager 5.5.4 to talk to a version 6.0 PSC/Inventory Service. As soon as I changed the port from 7444 to 443 it worked. GSS has been chasing this for two weeks.

Cheers,

Hamish

0 Kudos
Hot Shot
Hot Shot

Is there anything else to check for besides the port? Originally it was failing on port 7444, so, we switched it to 443 but I'm getting the "The SSL certificate of STS service cannot be verified" anyway. This is on vShield manager 5.5.4 to a vSphere 6 PSC.

Thanks

0 Kudos
Contributor
Contributor

Running VMware vCloud Networking and Security 5.5.4.3 and vCenter Server 6.0 U2 (3634793) here. Getting "Initialization of STS Clients failed.Root Cause: The SSL certificate of STS service cannot be verified" when I try to enter the lookup service using port 443.

0 Kudos