We have several vcenters that I upgraded to 6.0u3b about 6 weeks ago. Now, when I try to add a new host to any of the vcenters, I get the following error:
Add standalone host
A general system error
occurred: Unable to get signed
certificate for host: Error:
Access denied, reason =
rpc_s_auth_method (0x16c9a0f6). (382312694).
I opened a case with vmware and was given the following resolution:
Connect to the vCenter Server using vSphere Client and an Administrative account.
Go to Administrator > vCenter Server settings > Advanced Settings.
Change the value of vpxd.certmgmt.mode to thumbprint and click OK.
Add the ESXi host again.
The problem with this resolution is that you have to readd every single host thats connected to the vcenter. We have around 400 hosts across 13 vcenters, and that doesn't seem very feasible. Has anyone else encountered this issue?
Hello,
I believe this is a known issue and currently, the VMware teams are working on the fix for the same.As a workaround, you can try rename the ssleay32.dll and libeay32.ddl under c:\windows\system32.
Hello parmarr,
What should those files be renamed to? Will the system automatically generate new dlls?
Appreciate any insight.
I just had a case open with the same issue, they changed that value and after my questioning them several times indicated that the change will have no impact on the existing hosts in vCenter.
So far that has been my experience as well, that there was no impact on other hosts.
Yes, but having the vcenter blindly accept certificates is a fairly large security violation that my internal security teams would never allow. This seems to be a "I don't know whats wrong" workaround that is pretty unacceptable coming from a company like vmware.