Solved: Re: cannot deploy ovf template "vSphere Replicatio...

automatyka · ‎01-22-2014

Hi,

I I'm having a trouble deploying vSphere Replication appliance.

've followed "VMware vSphere Replication Administration" installation chapter and have done everything they've asked (deployment from web client, installing a web client plugin, changing VirtualCenter.FQDN to static IP address [my network has lausy dns server without reverse lookup, so i'm trying to put every address as static]).

I'm following a deployment wizard and after selecting files from my disk (vsphere replication ovf10 (NOT AddOn) - version 5.5), accepting EULA, selecting name/folder it brings me to selecting storage, where i select my host inner datastore.

When i press Next there is an error: "Unable to establish an SSL connection with vCenter Server", and then "Unable to validate that the OVF can be imported on the vCenter Server".

I do not know if that could be the relevant, but my vcenter server (5.5) runs on windows 2003 server (only https port is changed to 444 from default 443) and i have been installing it a few times before i succeeded.

Please, give some advice.

Thanks in advance.

john23 · ‎01-22-2014

If you change to the default port (possible then try), are you able to deploy??

This way we will able to figure out about issue??

-A

Thanks -A Read my blogs: www.openwriteup.com

View solution in original post

john23 · ‎01-22-2014

Are you deploying Standalone vSphere replication or using SRM you are deploying vSphere replication??

-A

Thanks -A Read my blogs: www.openwriteup.com

automatyka · ‎01-22-2014

A standalone version (VMware vSphere -> VMware vSphere Replication 5.5 Appliance - ISO).

EDIT: I've just checked deployment on another vCenter Server 5.5 instance (appliance version), and it deploys and works correctly. Not a surprise, but it clarifies that my replication appliance files are not corrupted or something.

mvalkanov · ‎01-22-2014

Hi,

The Web Client uses internally ovftool to deploy the appliance.

To see the vCenter Server address as passed to ovftool, please follow these steps:

1. Logout from the Web Client and open https://vcenter_address:9443/vsphere-client/?logLevel=debug

2. Navigate through the OVF wizard, till the error appears.

3. Open your temp folder (on windows machine, Start -> Run -> %TEMP%).

4. Open VMwareClientSupportPlugin and vmware-cs-plugin folders and look for plugin-ovftool-nnnn.log. Inside it look for vi://. Here is sample output from my plugin-ovftool-nnnn.log:

--> /prgPath = "C:\Program Files (x86)\VMware\Client Integration Plug-in 5.5\ovftool"

--> /source = "C:\Documents and Settings\Administrator\My Documents\Downloads\internal\VR\vSphere_Replication_OVF10.ovf"

--> /target = "vi://vcenteraddress/?moref=vim.HostSystem:host-62

Regards,

Martin

automatyka · ‎01-22-2014

ok, i can see the file and inside:

/target = "vi://LogSrvAu/?moref=vim.HostSystem:host-103"--> /targetSSLThumbprint = "03:C7:E5:9D:34:81:CC:E2:B6:D0:33:C2:F7:A7:90:42:D1:77:AE:DE"

--> /vCloudTemplate = "false"

--> /vService/installation = ""

--> /verifyOnly = "true"

-->

2014-01-22T12:45:36.893+01:00 [02568 verbose 'Default'] Done initializing libs

2014-01-22T12:45:36.893+01:00 [02568 verbose 'Default'] Determining source

2014-01-22T12:45:36.894+01:00 [02568 verbose 'Default'] Determining target

2014-01-22T12:45:36.898+01:00 [02568 verbose 'Default'] Manifest file present. Parsing file.

2014-01-22T12:45:36.898+01:00 [02568 verbose 'Default'] Manifest file entry: SHA1(vSphere_Replication_OVF10.ovf) = c8b0c10d9f9bc195b976c2a883713189f472c8d6

2014-01-22T12:45:36.898+01:00 [02568 verbose 'Default'] Manifest file entry: SHA1(vSphere_Replication-system.vmdk) = 8c059335ab5459a6715ea89c72a328c7f3a138be

2014-01-22T12:45:36.898+01:00 [02568 verbose 'Default'] Manifest file entry: SHA1(vSphere_Replication-support.vmdk) = 8485fc8dba6da8985c65d11f73543c167a3d48bb

2014-01-22T12:45:36.898+01:00 [02568 verbose 'Default'] Certificate file present. Validating content.

2014-01-22T12:45:36.898+01:00 [02568 verbose 'Default'] Certificate found: -----BEGIN CERTIFICATE------->

bla bla

-----END CERTIFICATE-----

-->

2014-01-22T12:45:36.899+01:00 [02568 verbose 'Default'] Using Windows certificate repository

2014-01-22T12:45:36.905+01:00 [02568 verbose 'Default'] Using certificate repository at C:\Program Files (x86)\VMware\Client Integration Plug-in 5.5\ovftool\certs

2014-01-22T12:45:36.909+01:00 [02568 verbose 'Default'] Verifying that the files references in manifest are valid

2014-01-22T12:45:36.914+01:00 [02568 verbose 'Default'] IP address lookup of logsrvau failed with message Nieznany host.

2014-01-22T12:45:37.016+01:00 [02568 verbose 'HttpConnectionPool-000000'] HttpConnectionPoolImpl created. maxPoolConnections = 20; idleTimeout = 900000000; maxOpenConnections = 20; maxConnectionAge = 0

2014-01-22T12:45:37.023+01:00 [02568 verbose 'Default'] Getting http page: https://192.168.15.230/sdk/vimServiceVersions.xml

2014-01-22T12:45:37.023+01:00 [02568 verbose 'Default'] Proxy host :smileylaugh:

2014-01-22T12:45:37.029+01:00 [11116 verbose 'Default'] CURL: header data removed

2014-01-22T12:45:37.030+01:00 [11116 verbose 'Default'] CURL: header data removed

2014-01-22T12:45:37.049+01:00 [11444 error 'HttpConnectionPool-000000'] [ConnectComplete] Connect failed to <cs p:007412c0, TCP:192.168.15.230:443>; cnx: (null), error: class Vmacore::Ssl::SSLVerifyException(SSL Exception: Verification parameters:

--> PeerThumbprint: 2D:4D:7D:61:3A:24:E6:30:FF:A5:76:91:86:29:67:37:8D:FD:10:B5

--> ExpectedThumbprint: 03:C7:E5:9D:34:81:CC:E2:B6:D0:33:C2:F7:A7:90:42:D1:77:AE:DE

--> ExpectedPeerName: 192.168.15.230

--> The remote host certificate has these problems:

-->

--> * A certificate in the host's chain is based on an untrusted root.

-->

--> * The certificate is based on an untrusted root.

-->

--> * Host name does not match the subject name(s) in certificate.

-->

--> * self signed certificate)

2014-01-22T12:45:37.049+01:00 [02568 verbose 'Default'] Verify SSL fingerprint failed. Error: SSL Exception: Verification parameters:

--> PeerThumbprint: 2D:4D:7D:61:3A:24:E6:30:FF:A5:76:91:86:29:67:37:8D:FD:10:B5

--> ExpectedThumbprint: 03:C7:E5:9D:34:81:CC:E2:B6:D0:33:C2:F7:A7:90:42:D1:77:AE:DE

--> ExpectedPeerName: 192.168.15.230

--> The remote host certificate has these problems:

-->

--> * A certificate in the host's chain is based on an untrusted root.

-->

--> * The certificate is based on an untrusted root.

-->

--> * Host name does not match the subject name(s) in certificate.

-->

--> * self signed certificate

2014-01-22T12:45:37.049+01:00 [02568 verbose 'Default'] Provided ssl: 03:C7:E5:9D:34:81:CC:E2:B6:D0:33:C2:F7:A7:90:42:D1:77:AE:DE, host: 2D:4D:7D:61:3A:24:E6:30:FF:A5:76:91:86:29:67:37:8D:FD:10:B5

2014-01-22T12:45:37.294+01:00 [09528 verbose 'Default'] Abort command read on stdin

2014-01-22T12:45:37.300+01:00 [02568 verbose 'Default'] Backtrace:

--> backtrace[00] rip 0f930d23

--> backtrace[01] rip 0f830dd4

--> backtrace[02] rip 0f832151

--> backtrace[03] rip 0f7f246a

--> backtrace[04] rip 01236b93

--> backtrace[05] rip 0126433b

--> backtrace[06] rip 01252fb2

--> backtrace[07] rip 012810fb

--> backtrace[08] rip 01254c5a

--> backtrace[09] rip 0124d409

--> backtrace[10] rip 0124dbc4

--> backtrace[11] rip 01442a3f

--> backtrace[12] rip 7602336a

--> backtrace[13] rip 77509f72

--> backtrace[14] rip 77509f45

-->

where LogSrvAu is my vcenter windows hostname (which i think should be recognized as an IP address...)

john23 · ‎01-22-2014

If you change to the default port (possible then try), are you able to deploy??

This way we will able to figure out about issue??

-A

Thanks -A Read my blogs: www.openwriteup.com

automatyka · ‎01-22-2014

ok, and how exactly do you do that?:)

vSphere client doesn't let me do it, and web client freezes at loading Ports tab in vCenter -> General -> Edit tab...

EDIT: ok, dumb question, found it in advanced settings.

Web Client:

"Could not connect to one or more vCenter Server systems:

https://LogSrvAu:444/sdk" - i understand that it is now 443, but how to tell that to the web client?

Vicious one...

EDIT: Ok, after reinstalling vCenter with default ports it deployes Replication Appliance smoothly, but...

It does not integrate with vCenter (I cannot see vSphere Replication Tab, not even vSphere Replication configuration when right-clicking a particular VM. I have relogged to vCenter, even rebooted vCenter, still nothing...

I have tried unregister vRA from vCenter from the vRA configuration site, but it has told me that it failed to communicate with vCenter Server

Any idea?

HussainAlfaraj · ‎12-01-2014

Hi,

I know it's an old thread but I had the same issue today while I was trying to deploy an ova template, getting both error messages "Unable to establish an SSL connection with vCenter Server", and then "Unable to validate that the OVF can be imported on the vCenter Server".

After trying everything online without any luck, I figured out (after like 3 hour) the issue was that my management PC (which I used to login to vCenter 5.5) is not joined to the domain. To solve this issue, I only pointed 'on the mgmt PC" to the DNS on my domain (I didn't join the mgmt PC to domain) and it was all good after that.

I also noticed that because my mgmt PC was not joined to the domain nor pointing to the domain DNS I was unable to open any of my VM consoles (I get an error "ssl verification failure for "ip" due to a host thumbprint mismatch") again after just pointing my management PC DNS to the domain, this issue disappeared.

Just wanted to share my experience with you guys, good luck!

Cheers,

All

cannot deploy ovf template "vSphere Replication appliance"