The connect-viserver for a vcenter fails with the below message. However, an attempt to connect another vcenter server(which is on same build) works fine without any issues. Both the vCenter Servers are on version 7.0.3-20990077. Any suggestions @LucD?
connect-viserver : 6/6/2023 1:51:07 PM Connect-VIServer Error: Invalid server certificate. Use Set-PowerCLIConfiguration to set the value for the InvalidCertificateAction option to Prompt if you'd like to connect once or to add a permanent exception for this server.
Additional Information: Could not establish secure channel for SSL/TLS with authority 'vcentername'.
At line:1 char:1
+ connect-viserver "vcentername"
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : SecurityError: (:) [Connect-VIServer], ViSecurityNegotiationException
+ FullyQualifiedErrorId : Client20_ConnectivityServiceImpl_Reconnect_CertificateError,VMware.VimAutomation.ViCore.Cmdlets.Commands.ConnectVIServer
PS C:\>
PS C:\> [Net.ServicePointManager]::SecurityProtocol
Ssl3, Tls, Tls12
Can you connect after you do
Set-PowerCLIConfiguration -InvalidCertificateAction Ignore -Confirm:$false
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
hello @LucD, yes tried that and it didn't help.
to clarify:
1) there are two vcenter servers, both of same versions
2) one vcenter, I am able to connect without any issues and the second one, it fails with an error. This is regardless of I try to connect both the vcenter servers in the same session or use different sessions.
Did you try the 2nd bullet in Solved: Re: Cannot connect to vcenter server via PowerShel... - VMware Technology Network VMTN
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
hello @LucD,
Yes, tried that earlier and it didn't help. Tried it again, resulting with the same behavior. One vcenter succeeds and the other fails.
Can you try with the explicit Server parameter.
Connect-VIServer -Server v18g
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
hello @LucD ,
I think I may have found out the cause of this error. This is more on the allowed ciphers on port 443, a configuration that needs to changed on the reverse proxy config file. I am able to repro this issue successfully, will work with VMware GSS.
Thanks.