Problems with vRA Management Pack 2.0, vROps 6.1

greco827 · ‎03-21-2016

I have vROps 6.1, vRA 6.2, and the vRA MP 2.0. Whenever I try to connect to vRA from vROps via the MP, I get this error:

Unable to establish a valid connection to the target system. Failed to login to vCAC: I/O error on GET request for "https://<url>/identity/api/tenants/?page=1&limit=2147483647":handshake alert: unrecognized_name; nested exception is javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name

vRA has a single tenant, vsphere.local, and administrator@vsphere.local as well as a service account are both tenant administrators as well as Infrastructure Administrators within vRA.

This appears to be a certificate issue, but I am unsure on how to correct it. Any ideas?

If you find this or any other answer useful please mark the answer as correct or helpful https://communities.vmware.com/people/greco827/blog

streaks6 · ‎04-28-2016

Hi Greco,

This is a certificate issue. I too ran into this problem.

1. Is this a distributed deployment?

2. Are the management/Infrastructure servers behind a Load Balancer?

3. Are you using self-signed certificates?

To resolve my problem, I did the following:

Config Overview:

Distributed Install
One-Arm Load Balancer
single trusted certificate from internal CA
CA contains the Load Balanced FQDN as the CN and SAN contains all FQDNs for all VMs (management, DEM, DEO, IaaS, etc)

1. Deployed CA cert to all components (no self-signed)

2. Changed vRA CAFE Appliance host name settings to match the LB FQDN

3. Restarted vRA Services (service vcac-server restart) on both appliances

4. Wait to bake. Don't jump around or the souffle will fall.

5. Logged into vRA LB FQDN to confirm certs are correct.

6. Configured the vROPs MP to connect to the LB FQDN. A test connection was successful and I am collecting data.

Hope this helps.

All

Problems with vRA Management Pack 2.0, vROps 6.1