thibveni
Enthusiast
Enthusiast

AWS Orchestrator Plugin error on Add Amazon Account

Hi,

I got an error on workflow to Add amazon account :

[2014-06-18 11:57:49.248] [E] Unable to import certificate for endpoint:

[2014-06-18 11:57:55.211] [I] java.lang.RuntimeException: Unable to execute HTTP request: peer not authenticated caused by: peer not authenticated caused by:

Is someone using this plug in?

Do you have an idea of the problem ?

I check my proxy and it's working fine because when i'm using another port it failed


Regards

0 Kudos
7 Replies
cdecanini_
VMware Employee
VMware Employee

Do you run vCO 5.5 U1 that shipped with vCenter 5.5 U1 ? (This is a requirement of the plug-in)

If my answer resolved or helped you, please mark it as Correct or Helpful to award points. Thank you! Visit http://www.vcoteam.info & http://blogs.vmware.com/orchestrator for vCenter Orchestrator tips and tutorials - @vCOTeam on Twitter
0 Kudos
thibveni
Enthusiast
Enthusiast

I'm using vCO Appliance 5.5.1 Build number 1617127

0 Kudos
cdecanini_
VMware Employee
VMware Employee

OK then there is a problem importing the SSL certificate. Have you tired to do it from the vCO web configuration ?

If my answer resolved or helped you, please mark it as Correct or Helpful to award points. Thank you! Visit http://www.vcoteam.info & http://blogs.vmware.com/orchestrator for vCenter Orchestrator tips and tutorials - @vCOTeam on Twitter
0 Kudos
thibveni
Enthusiast
Enthusiast

I just tried to add ec2.eu-west-1.amazonaws.com on SSL Trust Manager from the vCO web configuration but there is no SSL connection on this URL, neither on amazonaws.com.

0 Kudos
awjudge
Hot Shot
Hot Shot

Same problem here, importing the Cert from the website into the vCO SSL Trusted Certs doesn't make any difference.

0 Kudos
awjudge
Hot Shot
Hot Shot

This looks to be an issue with the workflow when it's running behind a Proxy server. I have a ticket open with VMware support, they're looking at the problem. I'll post back here as and when I have a fix.

0 Kudos
SpasKaloferov
VMware Employee
VMware Employee

I think it could be a certificate problem. You can try running Powershell Remoting session from the same box acting as the powershell host for VCO – so Enter-PSSession –Computername localhost – and then attempted to run import-azurepublishsettingsfile with the right parameters. Examples of PS remoting can be found here

http://kaloferov.com/blog/using-credssp-with-the-vco-powershell-plugin/


There is some code online that essentially opens the Azure Settings file, grabs the certificate content, then creates a certificate object and then passes to Azure subscription cmdlets the certificate object to authenticate:

http://social.msdn.microsoft.com/Forums/onedrive/en-US/ca0b3953-f601-49f0-ab48-1fbfdabb6b96/security...


Special thanks to Michael Francis for finding this solution.

0 Kudos