Skip to main content

Certificate Error During Datastore Upload










“The operation failed for an undetermined reason. Typically, this problem occurs due to certificates that the browser does no trust. If you are using self-signed or custom certificates, open the URL below in a new browser tab and accept the certificate, then retry the operation.”













In my case, the URL that it listed was to one of my ESXi hosts in the compute-a cluster called Clu-1. The error then goes on to reference VMware KB 2147256.

It may seem odd that the vSphere Client would be telling you to visit a random ESXi host’s UI address when you are trying to upload a file via vCenter. But if you stop to think about it for a second, vCenter has no access whatsoever to your datastores. Whether you are trying to create a new VMFS datastore, upload a file or even just browse, vCenter must rely on an ESXi host with the necessary access to do the actual legwork. That ESXi host then relays the information back through the Web Client.

vCenter Server will broker the initial connection between your client workstation and the ESXi host, but ultimately, the client machine must be able to access the ESXi host vCenter has selected via HTTPS. If your lab is like mine, self-signed certificates are everywhere and ESXi is no different. I had visited the vSphere Client UI on several of my hosts since the rebuild, but esx-a2 was not one of them.




As you can see above, the self-signed certificate is not trusted in Firefox. If the browser disallows HTTPS to Clu-1, the file upload can’t proceed. Once I added an exception, I was able to upload my file successfully





Labels:

Comments

Post a Comment

Popular posts from this blog

Dell EMC VxRail – VMware Virtual SAN Stretched Cluster

Logical Diagram of VMware vSAN Stretched Cluster Physical Diagram of VMware vSAN Stretched Cluster Last week I deployed a test environment of VMware vSAN Stretched Cluster which is running on Dell EMC VxRail Appliance. In this post we will describe how to setup VMware vSAN Stretched Cluster on Dell EMC VxRail Appliance. Above figure is the high level of physical system diagram. In site A/B there are six VxRail Appliances and two 10GB Network Switch which are interconnected by two 10GB links, and each VxRail Appliance has one 10GB uplink connects to each Network Switch. In site C, there are one vSAN Witness host and one 10GB Network Switch. For the details of configuration of each hardware equipment in this environment, you can reference the followings. Site A (Preferred Site) 3 x VxRail E460 Appliance Each node includes 1 x SSD and 3 x SAS HDD, 2 x 10GB SFP+ ports 1 x 10GB Network switch Site B (Secondary Site) 3 x VxRail E460 Appliance Each node includes 1 x SSD and...
1 comment
Read more

VxRail 4.0 – Scale Out

The above is the physical diagram of VxRail Cluster (3 nodes). In this post I will show how to add one VxRail Appliance into this VxRail Cluster (From 3 nodes to 4 nodes). NOTE: The model of each VxRail Appliance is E460. Before the node expansion, you need to verify each Appliance is running in health in dashboard of VxRail Manager. The above is the final physical diagram of VxRail Cluster after scale out. Now we start the node expansion. You have just mounted a new VxRail Appliance (E460) and cabled it up to the top of each rack switch. When you power it on you can see a notification appear in the top left corner of VxRail dashboard. Click “ Add Node “. When you initially configured your VxRail Appliance, you specified an IP pool for ESXi, vMotion and vSAN. You can see that there available IP addresses in these pools, so the only additional action is to set an ESXi password. Click the scroll bar, then click the “ ESXi Password “. Enter the  ESXi  and ...
1 comment
Read more

UEFI Secure Boot with ESXi 6.5

UEFI Secure Boot: UEFI, or Unified Extensible Firmware Interface, is a replacement for the traditional BIOS firmware. In UEFI, Secure Boot is a “protocol” of the UEFI firmware. UEFI Secure boot ensures that the boot loaders are not compromised by validating their digital signature against a digital certificate in the firmware. UEFI can store whitelisted digital certificates in a signature database (DB). There is also a blacklist of forbidden certificates (DBX), a Key Exchange Keys (KEK) database and a platform key. These digital certificates are used by the UEFI firmware to validate the boot loader.  Boot loaders are typically cryptographically signed and their digital signature chains to the certificate in the firmware.The default digital certificate in almost every implementation of UEFI firmware is a x509 Microsoft UEFI Public CA cert. Most of the UEFI implementations also allows the installation of additional certificate in the UEFI firmware and UE...
Post a Comment
Read more