tdubb123
Expert
Expert

getting openssl error when repointing virtual center to reinstalled sso

INFO  |  Running: openssl.exe version

[+    6490] ERROR |  Cannot run program "openssl.exe" (in directory "C:\Program

Files\VMware\Infrastructure\SSOServer\bin"): CreateProcess error=2, The system c

annot find the file specified

but openssl.exe is in here

11 Replies
rcporto
Leadership
Leadership

Do you have checked this KB article: VMware KB: Re-pointing and re-registering VMware vCenter Server 5.1 / 5.5 and components

Are you putting the value "C:\Program Files\VMware\Infrastructure\SSOServer\bin" in the --openssl-path ? What if in the --openssl-path you put "C:\Program Files\VMware\Infrastructure\Inventory Service\bin/" ?

---

Richardson Porto
Senior Infrastructure Specialist
LinkedIn: http://linkedin.com/in/richardsonporto
0 Kudos
tdubb123
Expert
Expert

Hi

Yes that is he kb i followed. I copied the openssl.exe directly over from the inventory service server and put it in

"c:\program files\vmware\infrastructure\ssoserver\bin/"

Yes I added the extra "/"

Yes

I use --openssl-path "c:\program files\vmware\infrastructure\ssoserver\bin/"

any ideas?

0 Kudos
rcporto
Leadership
Leadership

Instead of using "c:\program files\vmware\infrastructure\ssoserver\bin/" did you tried using "C:\Program Files\VMware\Infrastructure\Inventory Service\bin/" ?

---

Richardson Porto
Senior Infrastructure Specialist
LinkedIn: http://linkedin.com/in/richardsonporto
0 Kudos
C34
Contributor
Contributor

Did anyone find out how to fix this?  We are receiving the same error as well.

0 Kudos
neilhewitt
Contributor
Contributor

for any one still intrested in this, i have discovered a fix for this error..

I copied the openssl.exe and 3 .dll files (jwinauth.dll, libeay32.dll and ssleay32.dll) to the directory I was running the repoint.cmd command from, and it then passes all the openssl commands..

This in my case was "D:\Program Files\VMware\Infrastructure\VirtualCenter Server\ssoregtool\sso_svccfg"

Hope this helps

0 Kudos
nkrishnan
Expert
Expert

Coping the Openssl in to folder has repoint.cmd and could proceed it further but hit another issue and it gave me java exception mention below error, did you face similar issue.

c.c.WinSystemTrustStoreManager] INFO  Saving CA certificate for C=US,CN=CA\, CN\=MYHOSTNAME\, dc\=vsphere\,dc\=local toC:\ProgramData\VMware\SSL\C=US,CN=CA\, CN\=MYHOSTNAME\, dc\=vsphere\,dc\=local

2015-01-27T11:54:26.946+0100 [c.v.s.cfg.ServiceCfgMain] ERROR Abnormal command failure: exception `C:\ProgramData\VMware\SSL\C=US,CN=CA\, CN\=MYHOSTNAME\, dc\=vsphere\,dc\=local (The system cannot find the path specified)' of type class java.io.FileNotFoundException

java.io.FileNotFoundException: C:\ProgramData\VMware\SSL\C=US,CN=CA\, CN\=MYHOSTNAME\, dc\=vsphere\,dc\=local (The system cannot find the path specified)

The Script ends with:

2015-01-27T11:54:26.979+0100 [c.v.s.cfg.ServiceCfgMain] INFO  Return code is: InternalError / 254

2015-01-27T11:54:26.980+0100 [c.v.s.cfg.ServiceCfgMain] INFO  END EXECUTION

--Nithin
0 Kudos
neilhewitt
Contributor
Contributor

Hi Nithin

Is that the response of the "repoint.cmd"?

firstly make sure you have the JAVE_HOME environment variable set to

C:\Program Files\Common Files\VMware\VMware vCenter Server - Java Components\


Under the ssoregtool folder there is a vcsso.properties file, this will need to be edited with the certificate location for the "solution user" heading

cert=C:\ProgramData\VMware\VMware VirtualCenter\SSL\rui.crt


Also if you did not install vCenter on the C drive (Default Path C:\Program Files\VMware\Infrastructure\VirtualCenter Server\, you will need to copy the vcsso.properties file from VC Install Path)\ssoregtool\vcsso.properties to the

C:\Program Files\VMware\Infrastructure\VirtualCenter Server\ssoregtool\vcsso.properties creating the directories as required.


Once repoint.cmd is complete, it may fail to restart the vcenter service. Stop the service and check the

C:\ProgramData\VMware\VMware VirtualCenter\vpxd.cfg


for the following certificate lines

      <solutionUser>

        <certificate>C:\ProgramData\VMware\VMware VirtualCenter\SSL\rui.crt</certificate>

        <name>vCenterServer_<random numbers></name>

       <privateKey>C:\ProgramData\VMware\VMware VirtualCenter\SSL\rui.key</privateKey>

      </solutionUser>

as these have a tendancy to report as

<certificate>null</certificate> and

<privateKey>null</privateKey>

causing the vcenter service to fail to start with a certificate error.

thanks Neil    

manoova
Contributor
Contributor

I had the same issue as reported by the original poster.

The vCenter Server I was working on had vCenter and related services installed on the E:\ drive.

I was following Recovering from expired SSL Certificates in VMware vCenter Server 5.5 and got suck on point 12: "Re-register vCenter Server back to Single Sign-On by running this command".

In order to get the repoint command to successfully complete I had to create the following folder: "C:\Program Files\VMware\Infrastructure\VirtualCenter Server\ssoregtool"

Then unzip sso_svccfg.zip here.

I then created "C:\Program Files\VMware\Infrastructure\Inventory Service\bin" and copied the openssl.exe and three DLL files (as mentioned above) to this location.

Running repoint.cmd from "C:\Program Files\VMware\Infrastructure\VirtualCenter Server\ssoregtool\sso_svccfg" then worked perfectly for me.

It seems to me that the script is very particular about file locations and directory structures and any differences in your environment will cause problems.

I hope this helps. Thanks to everyone on this thread for posting their experiences.

Sean

0 Kudos
jpmoock
Contributor
Contributor

For Nithin, or anyone else that runs into the "Return code is: InternalError / 254" error when repointing vCenter to a different SSO, please see https://communities.vmware.com/message/2530673#2530673

0 Kudos
DavidACap
Contributor
Contributor

Is there a definitive answer for moving to an external SSO? I'm having the same issues

0 Kudos
avanderheijden
Contributor
Contributor

The solution to this error is KB 2033620

If vcenter is installed on the 😧 simpley add --vc-install-dir "path_to_vCenter_Server_install_directory" to the repoint.cmd command.

So the command could be this:

repoint.cmd configure-vc --lookup-server lookup_service_url --user single_sign_on_admin_user --password single_sign_on_admin_password --openssl-path "path_to_OpenSSL_bin_directory/" --vc-install-dir "path_to_vCenter_Server_install_directory"

0 Kudos