vCenter discovery test credentials resulting in exception caught error

Naresh Gotad
Mega Contributor

Testing the VMware credential activity on port 443 is resulting in a caught exception error for vCenter v4.0 hosts. Is there any additional configuration required within AD, certificates or vCenter to establish the connection?

Error as below:

Exception caught trying to invoke method RetrieveServiceContent; nested exception is : javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificates do not conform to algorithm constraints.

1 ACCEPTED SOLUTION

Naresh Gotad
Mega Contributor

This issue occurs when the VMware vCenter Server certificate has an RSA key size lower than 1024. This is expected behavior in the VMware client while connecting to vCenter, as explored in a few articles on the VMware community.

To work around this issue, the RSA key size requirement in the MID Server needs to be lowered or disabled.

1. Log in to the MID Server and open the JRE folder sitting in the MID Server directory.
2. Open the ****/jre/lib/security/java.security file using a text editor.
3. Change this line to reduce the key restriction, or comment out the entire line to disable the restrictions:

jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024

For example:
Reducing the key size: jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 512
Removing restraints: #jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024

4. Save and close the file.
5. Repeat steps 1-3 on each MID Server in the cluster if required.
6. Bounce the MID Server service and perform the discovery.
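
An added example, not part of the original post: a small audit that reads the text of a java.security file and reports the RSA key-size floor that jdk.certpath.disabledAlgorithms still enforces, so the setting on each MID Server can be checked after the edit above. The function names and the sample file contents are constructed for illustration, and the parser assumes the key=value form shown in the post.

```python
import re

PROP = "jdk.certpath.disabledAlgorithms"

def read_property(text, name=PROP):
    """Last active value of `name`; None if absent or commented out."""
    value = None
    lines = iter(text.splitlines())
    for raw in lines:
        line = raw.strip()
        if not line or line[0] in "#!":      # blank or comment line
            continue
        while line.endswith("\\"):           # join backslash continuations
            line = line[:-1] + next(lines, "").strip()
        key, sep, val = line.partition("=")  # assumes key=value, as in the post
        if sep and key.strip() == name:
            value = val.strip()
    return value

def rsa_min_keysize(value):
    """Smallest RSA key size (bits) still accepted; 0 if no RSA rule."""
    floor = 0
    for entry in (value or "").split(","):
        m = re.match(r"\s*RSA\s+keySize\s*(<=|<)\s*(\d+)", entry)
        if m:
            floor = max(floor, int(m.group(2)) + (m.group(1) == "<="))
    return floor

def audit(text, required_bits=1024):
    """Classify the file against the 1024-bit floor of the original line."""
    value = read_property(text)
    floor = rsa_min_keysize(value)
    if value is None:
        return "DISABLED", floor
    return ("OK" if floor >= required_bits else "WEAKENED"), floor

# Constructed sample file contents mirroring the three variants in the post.
DEFAULT = "# certpath\njdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024\n"
LOWERED = "jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 512\n"
COMMENTED = "#jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024\n"
CONTINUED = "jdk.certpath.disabledAlgorithms=MD2, \\\n    RSA keySize < 1024\n"

if __name__ == "__main__":
    for label, text in [("default", DEFAULT), ("lowered", LOWERED),
                        ("commented", COMMENTED), ("continued", CONTINUED)]:
        print(label, audit(text))
```

To check a real MID Server, pass the contents of its jre/lib/security/java.security file to audit().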
