VMware Cloud Community
DanL2
Contributor
Contributor
‎08-12-2022 07:03 AM

Smart card authentication for vCenter forces full browser restart after timeout

Environment is vSphere 6.7 but I have experienced this issue across all vSphere versions.

Due to customer requirements (US Government) we are required to use smart card login, for any elevated permissions (such as access to vCenter) we are required to use a second card that has admin rights.  We are also forced to set a timeout for the login.  With all of these combined I am forced to close all windows/tabs and completely restart the browser multiple times per day, otherwise I get the message "Previous certificate authentication was used in the same browser session. Please close the browser and start a new browser window so that we can correctly authenticate using certificates.

I know there are many others that have experienced this since these restrictions apply to everyone in this sector.  So here are my questions:

Has anyone found a work around for this? (incognito/private browser windows are disallowed)

Why is this an issue for vSphere and but not any other application?

4 Replies
kcosta
Contributor
Contributor
‎09-07-2022 01:05 PM

Have you received any input or a solution to this problem?

getadm
Contributor
Contributor
‎03-30-2023 07:40 AM

First search on this issue, same here.

I just figured out a workaround, though.  Looks like you can just delete the cookies/site data set for just that vCenter connection instead of restarting the browser, and/or clearing all cookies, which sucks bc it signs you out of other working sessions.

Enter this into Edge address bar:

edge://settings/cookies/detail?site=[your vcenter url]

It'll take you to just the cookies and site data for your vCenter.  Once you clear these and try to login, you'll be prompted for smartcard auth again.

 

To browse to this setting manually to acquire your specific URL, here's the process that currently works for Edge 111.x.xxxx.xx :

  1. Settings
  2. Cookies and site permissions
  3. Manage and delete cookies and site data
  4. See all cookies and site data
  5. Search for some part of your vCenter URL, like the host name

    = Next step is the trick for being able to create a favorite/bookmark for this = 

  6. Click the down arrow dropdown, then click the right arrow to enter the cookies set for your vCenter
  7. In the address bar, you will now see a URL that will take you directly to this path for quick clear next time.
  8. Bookmark this
0 Kudos
bwadbethke
Contributor
Contributor
‎09-21-2023 11:45 AM

Nice!

Is there a way to do this for Chrome? (not seeing how to surgically clear just my vcenter cookies/data in Chrome)

0 Kudos
getadm
Contributor
Contributor
‎09-21-2023 03:36 PM

Yep!  First go here to view all the Chrome cookies:  chrome://settings/content/all?search=cookies

 

Then, put your server site/URL identifier in the search box, something like this.  After it whittles you down to your vCenter site/URL, add a bookmark so you can get to it quickly next time.  Personally, I have a folder to the very left of my Bookmarks bar called "ctrl", and I put shortcuts in here to settings, various Chrome flags, Chrome Web Store for extensions searches, etc.

chrome://settings/content/all?searchSubpage=vmware&search=cookies

 

getadm_0-1695337013658.png