VMware {code} Community
gbermudez
Contributor
Contributor

Cannot connect to vCenter Single Sign-On server https://x.x.x.x/sts/STSService/xxxx.local.

Hello everybody,

I had a problem clean-installing vCenter Server 7.0.2

When I log in to the vCenter interface, the following message is displayed: Cannot connect to vCenter Single Sign-On server https: //x.x.x.x/sts/STSService/xxxx.local.

Issue 3 - copia.PNG

I have validated the STS certificate, and I find no problem in it (Attached capture)

Certificate.PNG

Does anyone know what this error is due to?

Thanks for your kind support.

Regards, 

Gabriel Bermúdez

Reply
0 Kudos
5 Replies
a_p_
Leadership
Leadership

In your post's title you wrote "https://x.x.x.x/...". 
Issues like this often occur due to to missing prerequisites. Please verify that the vCenter Server's FQDN resolves correctly, i.e. has correct forward (Host-A), and reverse (PTR) DNS entries.

André

Reply
0 Kudos
gbermudez
Contributor
Contributor

I confirm that the FQDN resolves correctly. The A and Inverse records are correct.

I also confirm that if I put the FQDN of the vCenter in the browser it will find it without problem. But when I log in, it shows me the error that I attached above.

Gabriel Bermúdez

Reply
0 Kudos
a_p_
Leadership
Leadership

Entering the FQDN in a browser confirms that the client on which you run the browser is able to resolve the name.
To ensure (verify) that the vCSA does also resolve the name, and IP address properly, please run nslookup <IP-Address> from the vCSA's command line (shell), to see whether it resolves to the FQDN.

André

Reply
0 Kudos
gbermudez
Contributor
Contributor

Hi Andre,

I realize run the nslookup from the VCSA shell, and I can´t reach by FQDN to the vCenter.

What is a possible cause for this issue?

 

Reply
0 Kudos
a_p_
Leadership
Leadership

Possible reasons could be that either there's a typo in the DNS server's IP address, or the vCSA cannot reach the DNS server due to firewall, or routing issues. Are you able to reach/ping the DNS server from the vCSA?

What happens if you run nslookup with specifying the DNS server as a command line option, i.e. nslookup <vcsa.fqdn.name> <DNS-Server-IP-address>? Does this command resolve the name?

André

Reply
0 Kudos