VMware Cloud Community
pizzle85
Expert
Expert
‎11-21-2014 08:41 AM

vSphere SSO 5.5u2b HA Install "Failed to establish a secure connection to remote server"

I am installing the vCenter SSO 5.5u2b in an HA configuration. When installing the first node i used a generated password that was 20 characters long and consisted of lower, upper, and numbers for the administrator@vsphere.local account. Everything went smoothly and i moved on to the installation of the second node. When the second node asked me the installation scenario i selected "High Availability" and on the next page put in the primary node FQDN and the password for the administrator@vsphere.local that i configured on node 1. On the certificate page, upon clicking the "Continue" button i got a popup stating: "Failed to establish a secure connection with the remote server".

Looking at the installation logs i saw the errors:

SSO_SETUP_ERROR_MSG = Failed to establish a secure connection to remote server

VMware Single Sign-On-build-2175557: 11/21/14 10:25:52 --- CustomAction execution: VmSetupValidatePartnerInfo

VMware Single Sign-On-build-2175557: 11/21/14 10:25:52 LDAP Utils : VmSetupMakeLdapsConnection

VMware Single Sign-On-build-2175557: 11/21/14 10:25:52 Attempting ldap_sslinit...

VMware Single Sign-On-build-2175557: 11/21/14 10:25:52 Attempting ldap_connect...

VMware Single Sign-On-build-2175557: 11/21/14 10:25:52 Attempting ldap_bind_s...

VMware Single Sign-On-build-2175557: 11/21/14 10:25:52 Unable to make LDAPS connection. Error :1326

After searching around i found several other community posts regarding password issues, they all looked to be resolved in this version so i ignored them. I then read through the vCenter 5.5 install docs and in the prerequisite section for SSO i saw that the password for the administrator@vsphere.local account REQUIRED the use of lower, upper, number, AND special character.

I updated the administrator@vsphere.local password using the vdcadmintool.exe application, which created a password that met the requirements. Going back to node2 and using the new password everything worked as expected.

2 Replies
pizzle85
Expert
Expert
‎11-24-2014 06:40 AM

As an added note it appears that even through the installation went fine, using the unacceptable password caused the SSO install to fail to properly register the machines domain as an SSO iDP domain. After re-installing both sso instances again and walking through everything again it is working now.

There needs to be a PW checker in the installer...

0 Kudos
Amit9999
Contributor
Contributor
‎03-28-2015 01:41 PM

Cause of this issue was a incorrect password used to authenticate primary vCenter server (administrator@vsphere.local)