Re: Login. Username and password required

reall12 · ‎06-15-2021

Hello.

I am currently unable to login to my vCenter 7.0 web client. I keep getting an error "User name and password are required" when trying to login.

https://communities.vmware.com/t5/vCenter-Server-Discussions/Unable-to-Login-to-vCenter/m-p/2299182#...
Similar problem but all certs is valid (checksts.py).

I try update Vmware vCenter Server to version 7.0.2.00200 but is don't solve problem.

On TCP port 5480 I can login.

How I can reset to defaults SSO token settings via shell or ssh? After changing them this problem occur.

sjesse · ‎06-15-2021

If you have support you should really open a SR, there is alot that could be going on here. It could be more certs that the checksts script doesn't check

reall12 · ‎06-15-2021

I have support but how I can open SR?

Try
https://my.vmware.com/group/vmware/get-help/
selest Technical -> System Management and nothing happens.

Try call to support telephone number (+7 495 2122998) and nobody picks up the phone.

Server is down all day.

sjesse · ‎06-15-2021

Try this ? VMware Support Hub

reall12 · ‎06-15-2021

I think the problem is not with the certificates.

https://kb.vmware.com/s/article/2112283
Regenerate all certs didn't help.

sjesse · ‎06-15-2021

There is another way to clear out unneeded trusted root certs that we had to do that required connecting the ldap database using an ldap browser that I'm not sure there is even a kb for, that was a problem we had that was breaking upgrades and other things.

Ank_S · ‎06-15-2021

Hello reall12,

1) Try to restart the vCenter Services and then check the behavior.
SSH to the VCSA
Run "service-control --stop --all"
Run "service-control --start --all"

2) Try using another browser (Including incognito mode)
3) Try to login with the Administrator@vsphere.local (adjust the domain accordingly)

sjesse · ‎06-15-2021

look at the last comment here

https://communities.vmware.com/t5/vCenter-Server-Discussions/VCSA-6-7-vpxd-doesn-t-start-after-repla...

you can run this

for i in $(/usr/lib/vmware-vmafd/bin/vecs-cli store list); do echo STORE $i; /usr/lib/vmware-vmafd/bin/vecs-cli entry list --store $i --text | egrep "Alias|Not After"; done

to see if any of the trusted roots are expired, if so there is semi complicated process in removing them.

reall12 · ‎06-15-2021

1) All services successfully stopped and started/
2 and 3 - nothing changed. (IE, Chrome, Firefox).

reall12 · ‎06-15-2021

STORE MACHINE_SSL_CERT
Alias : __MACHINE_CERT
Not After : Jun 15 12:24:00 2023 GMT
STORE TRUSTED_ROOTS
Alias : 22fbfa84d9bd966f3bc461ba9f0309975e986c89
Not After : Feb 24 09:03:41 2031 GMT
Alias : 5b7729e64e2d842bf5f52af900328f971d2dd417
Not After : Jun 10 15:20:11 2031 GMT
Alias : 5862190bd0f27df6d14273e353da4f05c1e5a68c
Not After : Jun 10 12:34:00 2031 GMT
Alias : 14ef1a802a146bb7dc49102e69d66b9979365faa
Not After : Jun 10 15:58:44 2031 GMT
STORE TRUSTED_ROOT_CRLS
Alias : d050e0bec9e7f50319e6ac3e42af7f3040ad2102
Alias : 4b5b75314e3568fcd98cb434ed427384d6cc53ba
Alias : 0807b81dd3b482ad4c62929c454290139d82616a
Alias : 92ff0a100ad4ca7e92cda60901a7c0109c1cbdce
STORE machine
Alias : machine
Not After : Jun 15 15:28:28 2023 GMT
STORE vsphere-webclient
Alias : vsphere-webclient
Not After : Jun 15 15:28:28 2023 GMT
STORE vpxd
Alias : vpxd
Not After : Jun 15 15:28:29 2023 GMT
STORE vpxd-extension
Alias : vpxd-extension
Not After : Jun 15 15:28:29 2023 GMT
STORE hvc
Alias : hvc
Not After : Jun 15 15:28:31 2023 GMT
STORE data-encipherment
Alias : data-encipherment
Not After : Feb 24 09:03:41 2031 GMT
STORE APPLMGMT_PASSWORD
STORE SMS
Alias : sms_self_signed
Not After : Mar 1 09:08:21 2031 GMT
STORE wcp
Alias : wcp
Not After : Jun 15 15:28:32 2023 GMT
STORE BACKUP_STORE
Alias : bkp___MACHINE_CERT
Not After : Jun 15 12:24:00 2023 GMT
Alias : bkp_machine
Not After : Jun 15 15:28:28 2023 GMT
Alias : bkp_vsphere-webclient
Not After : Jun 15 15:28:28 2023 GMT
Alias : bkp_vpxd
Not After : Jun 15 15:28:29 2023 GMT
Alias : bkp_vpxd-extension
Not After : Jun 15 15:28:29 2023 GMT
Alias : bkp_hvc
Not After : Jun 15 15:28:31 2023 GMT
Alias : bkp_wcp
Not After : Jun 15 15:28:32 2023 GMT

reall12 · ‎06-15-2021

Browser console after click "LOGIN".

scheme	https
host	management.plant.elesy.com
filename	/websso/SAML2/SSO/vsphere.local

SAMLRequest	zVRLj9owEL73V0S+J04CG3YtwoouXRVpH3RDq6qXyiQDWHLs1OMk8O/rBGjRqrvi2IsP1szn7zHj8e2ulF4DBoVWKYmCkHigcl0ItUnJ1+W9f01uJx/GyEtZsWltt+oFftWA1psigrGu7U4rrEswGZhG5DBXBexS4oBmrkwobnvorbUVMkpLrvgGSlA2qCR3J0jAfZDrkrawQtQ0mz4+xDTLnmmD1RYMBFLnXBLvXpsceg4pWXOJQLz5LCU/E75aJclwkIyKGNzB4zC/iYbhzeoqCaG4cmW44Iiigb+NiLWjitZRSEkcxpEfJn6ULMMhG4xYfB1Eo8EP4i2MtjrX8qNQB09qo5jmKJApXgIym7OOMIuDkK0ORcg+L5cLf/GcLXuARhRgnlx1St5Wz4bDAfG+nZKIuyRcNgpZ7/37D1dHlmRyTKqXZy4H4KcwyeSCoGpBO8xTYCVYXnDLx/T88QOVuGKd8vlsoaXI995USt3eGeDWuWFNDX2sJbfv8+tuROGv+1JWdS6hddSIly06/C81l2ItwFw0aG/wPzc8vtRxetTJ3BoUorMQz2Eutv01yhGkcS0HTU5SU7bcrUMnAfMtlBwpt9b4PTCNwyim4ZB+2jlnuinCk6Adij8YbdsG7SDQZuMawoh+f3zIeixf9NuQu0RcPbP7yiXUPc9eQEHLVxKW7u4fgv8jqjMX8uacKn0dzuQ0peef2eQ3
SigAlg	http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
Signature	RXASx4AfCxuozGOUFv2bO021vY++Iw5LsndoHPnmVXmHOZKhdX7k5SChwscquOF/vuU7NXJCpxAqq2o+/GRo3COQVL4kWXKbiw9Bhyfoe9bdtafZ3LMO5rU1ByhXI3d5gQ7zd8kzT5xk/gm0it1y2W05jMBgBXwBMoTdERg1mbyQsKCrZfHkt0l8Ixdd0uoshXKLDfIjx1R/Gx2G8fIwCHeZGkkeX5m7xElBC1nENmLsYtZgO0X0WmzLk/qVq3OgCoFpYHUP/uODw4eu7WcS7AX/f8maiReemfvhbkGhghzAXsyZXQx5VmiVhr474wiiSJraxAwGlS3PPttaEnsEyA==

Status

400

Bad Request

VersionHTTP/2

Transferred650 B (435 B size)

Referrer Policystrict-origin-when-cross-origin


content-language	en

content-length	435
content-type	text/html;charset=utf-8
date	Wed, 16 Jun 2021 04:37:40 GMT
server	envoy

x-envoy-upstream-service-time	36
X-Firefox-Spdy	h2


Accept	/

Accept-Encoding	gzip, deflate, br
Accept-Language	en-US,en;q=0.5
Cache-Control	no-cache
Connection	keep-alive
Content-Length	92
Content-type	application/x-www-form-urlencoded
DNT	1
Host	management.plant.elesy.com
Origin	https://management.plant.elesy.com
Pragma	no-cache
Referer	https://management.plant.elesy.com/websso/SAML2/SSO/vsphere.local?SAMLRequest=zVRLj9owEL73V0S%2BJ04C...
TE	Trailers
User-Agent	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:89.0) Gecko/20100101 Firefox/89.0

ericwest135 · ‎08-09-2023

Were you ever able to fix this issue?