VMware Cloud Community
VIKI97000
Contributor
Contributor

Vcloud Director 10.4.0.20079017 console proxy not working on port 443

Hi All, i have installed vcloud director 10.4.0.20079017
configured all the basic settings applied signed SSL cert also the issue am facing is that if am using console proxy which is by default on 443 in vcloud 10.4.0,
it ends with connecting (retry) witnin seconds and there are no logs in console proxy log file but if i enable Legacy Console Proxy in feature flags section the console proxy started working fine on port 8443
and i can see the console proxy logs also in terminal of vcloud please help me in that strange issue,
i have checked everything NTP,DNS,SSL
enabling lagacy console proxy worked perfect but when i disable it and it goes through 443 it goes in retry in 2 seconds
i have troubleshooted alot but could not found anything not even in logs am attaching few screenshots

VIKI97000_0-1686201449030.png

 

VIKI97000_1-1686201524661.png

 

 

0 Kudos
6 Replies
tonyanshe
Enthusiast
Enthusiast

@VIKI97000 what are the settings in global.properties and responses.properties.

Have you read this doc in relation to 

clear-console-proxy-settings

 

0 Kudos
VIKI97000
Contributor
Contributor

Hi @tonyanshe 
thanks for your reply
below are the settings in responses.properties

VIKI97000_0-1686836265777.png

below are the settings in global.properties

VIKI97000_1-1686836507365.png

 

 

Tags (1)
0 Kudos
tonyanshe
Enthusiast
Enthusiast

my response.properties does not have user.consoleproxy.* fields but I am on 10.4.1 where legacy console is not an option.

Have you reviewed KB https://kb.vmware.com/s/article/78885 and ensure necessary certs are trusted by VCD?

 

0 Kudos
VIKI97000
Contributor
Contributor

@tonyanshe VC certificates are already trusted

VIKI97000_0-1686847766690.png

 

0 Kudos
tonyanshe
Enthusiast
Enthusiast

I wonder if you are facing the issue described here 

VCD did not seem to either have or accept the ESXi certificates on which the VM’s reside. Investigating this with GSS reveiled that the command described in the KB and that we executed during the change does not accept self-signed ESXi host certificates automatically. So in other words, you would either have to manually upload all of the ESXi host certificates, or manually upload the VMCA certificate

 

The fact your console-proxy.log is empty is quite strange. No harm in trying to import the ESXi cert manually as explained in the resolution of the blog post which is option 3 on the KB. 

0 Kudos
imthiachulu
Contributor
Contributor

I had the similar issue,

 - Manually exported the VC cert
 - Imported to VCD

This resolved the issue in my case. Hope it helps.

Thank You

Imthiyaz Cloud
0 Kudos