I just upgraded to version 2.0 GA and after it finished I got a message about it not being able to connect to one of my vCenter servers. It was working prior to the upgrade.
When I try and test the connection I get the following error: HTTP transport error: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificates does not conform to algorithm constraints
I have restarted vCenter services with no change in behavior. vCenter version is 5.0 Update 2
The issue has been resolved. It was due to our vCenter server having a 512-bit SSL on it (was a previous upgrade from 4.0).
LogInsight 2.0's Java security settings require the SSL to be at least 1024-bit. As a temporary work around support modified the settings to only need a 512-bit key. A restart of Log Insight was required.
I am good with this fix since we have plans to deploy a new vCenter server in the coming months.
I'll defer to my colleagues, but definitely file a ticket with support so we can track it.
Thanks.
Thanks Bill, I opened a case and uploaded the support bundle. I'll reply back once resolved.
ok. can you post the ticket number, or email at broth at VMware dot com, if you want to keep it private? I can push it internally.
The issue has been resolved. It was due to our vCenter server having a 512-bit SSL on it (was a previous upgrade from 4.0).
LogInsight 2.0's Java security settings require the SSL to be at least 1024-bit. As a temporary work around support modified the settings to only need a 512-bit key. A restart of Log Insight was required.
I am good with this fix since we have plans to deploy a new vCenter server in the coming months.
Thanks for the followup.
laakness , Do you happen to know the setting that they tweaked in order to use the 512-bit key? I have the same scenario for my lab vcenter.
Yep, here you go.
Login as root via SSH or Console.
vi /usr/java/jre1.7.0_51/lib/security/java.security
search for jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024
Change 1024 to 512 and restart Log insight.
Thanks! that worked
For similar error in VMware Horizon follow Certificates do not conform to algorithm constraints.