VMware Networking Community
PayableOnDeath
Enthusiast
Enthusiast
Jump to solution

vSphere 6 - The SSL certificate of STS service cannot be verified

Hi

Has anyone got NSX working with vSphere 6?

When I try to connect the NSX Manager to the vCenter lookup service I get the following error.

"NSX Management Service operation failed.( Initialization of STS Clients failed. Root Cause: The SSL certificate of STS service cannot be verified )"

Any idea on why this might be happening?

NSX Version: 6.1.2 Build 23182

vCenter Version: 6.0 Build 2155940

Thanks

David

Tags (2)
1 Solution

Accepted Solutions
SRoland
VMware Employee
VMware Employee
Jump to solution

There is no supported NSX version out at the moment. 6.1.2 will not work.

See please:

KB 2110293

"....

Compatibility considerations

vSphere 6.0:

Compatible versions of vCloud Director (vCD) and NSX for vSphere (NSX-v) will be available soon. If your environment has NSX-v or vCD, VMware recommends waiting for the availability of these compatible versions before you start your vSphere upgrade.

..."

6.1.3 should be out soon... ( I cannot give you date unfortunately )

Regards,

Roland

View solution in original post

Reply
0 Kudos
12 Replies
SRoland
VMware Employee
VMware Employee
Jump to solution

There is no supported NSX version out at the moment. 6.1.2 will not work.

See please:

KB 2110293

"....

Compatibility considerations

vSphere 6.0:

Compatible versions of vCloud Director (vCD) and NSX for vSphere (NSX-v) will be available soon. If your environment has NSX-v or vCD, VMware recommends waiting for the availability of these compatible versions before you start your vSphere upgrade.

..."

6.1.3 should be out soon... ( I cannot give you date unfortunately )

Regards,

Roland

Reply
0 Kudos
PayableOnDeath
Enthusiast
Enthusiast
Jump to solution

Hi Roland,


That would explain it, Many thanks.

A bit misleading with NSX being version 6 Smiley Wink


Regards


David

Reply
0 Kudos
iforbes
Hot Shot
Hot Shot
Jump to solution

Ugh! The NSX 6.1 documentation center states ESXi 5.5 or later. ESXi 6 seems to be later than 5.5. Would have been nice for the caveat to be more definitive in the NSX 6.1 documentation.

Reply
0 Kudos
iforbes
Hot Shot
Hot Shot
Jump to solution

NSX 6.1.3 just got released today. I just finished upgrading my NSX Manager from 6.1.2 to 6.1.3 (vSphere 6 supported) and still get that same error when trying to configure the Lookup service. Must be a bug.

Reply
0 Kudos
SRoland
VMware Employee
VMware Employee
Jump to solution

Is the DNS OK resolving the lookup service? Isn't there an alias defined for it or for the vCenter?

Reply
0 Kudos
SRoland
VMware Employee
VMware Employee
Jump to solution

One more thing. Did you use port 443 for the lookup service? It is not 7444 in vSphere 6.0

DanielRG
Contributor
Contributor
Jump to solution

SRoland, change port to 443 has worked for me in vShield Manager 5.5.4 (VMware vCloud Networking and Security) with vCenter 6.0

Data12345
Contributor
Contributor
Jump to solution

Port 443 worked for me with NSX 6.1.3 and vSphere 6

Reply
0 Kudos
iforbes
Hot Shot
Hot Shot
Jump to solution

Thanks! Port 443 worked. Odd that port 7444 defaults on that screen. I never actually put the 7444 in myself.

Reply
0 Kudos
HamR
Enthusiast
Enthusiast
Jump to solution

Thanks for posting this! I had a similar error trying to get vShield Manager 5.5.4 to talk to a version 6.0 PSC/Inventory Service. As soon as I changed the port from 7444 to 443 it worked. GSS has been chasing this for two weeks.

Cheers,

Hamish

Reply
0 Kudos
epa80
Hot Shot
Hot Shot
Jump to solution

Is there anything else to check for besides the port? Originally it was failing on port 7444, so, we switched it to 443 but I'm getting the "The SSL certificate of STS service cannot be verified" anyway. This is on vShield manager 5.5.4 to a vSphere 6 PSC.

Thanks

Reply
0 Kudos
stunor
Contributor
Contributor
Jump to solution

Running VMware vCloud Networking and Security 5.5.4.3 and vCenter Server 6.0 U2 (3634793) here. Getting "Initialization of STS Clients failed.Root Cause: The SSL certificate of STS service cannot be verified" when I try to enter the lookup service using port 443.

Reply
0 Kudos