Monday, October 19, 2015

vSphere Replication Unable to obtain SSL certificate – Bad Server Response

While working on deploying vSphere 6.1 Replication appliances I got stuck on configuring the new appliance. After setting up the lookupservice address and clicking Save And Restart Services I ended up getting an error:

Unable to obtain SSL certificate: Bad server response; is a LookupService listening on the given address?

Some googling led me to:

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2085155

The VMWare KB did not help as the vcenter and the new appliance could resolve each others by the FQDN.

Then I came across:

http://www.davidhill.co/2015/03/vsphere-replication-unable-to-obtain-ssl-certificate/

This was an interesting post since he mentions we need to enter the address for the LookupService Address and this does not match the actual VMWare documention which says the following:

In the LookupService Address text box, enter the IP address or domain name of the server where the lookup service runs.

Using the vcenter address did not work for me.  However, using the platform service controllers FQDN did work.  The configuration ended up working for me with either the FQDN of the Platform Services Controller or the full URL to the Lookup Service also pointing at the PSC.  So if you are in these shoes try:

[FQDN_vCenter_Platform_Services_Controller]

 and if that does not work, you can also try it with the full address:

https://[FQDN_vCenter_Platform_Services_Controller]:7444/lookupservice/sdk

5 comments:

  1. Thanks! I found the same sites as well but thankfully I ended up here. Your solution worked for me! I was able to just enter the FQDN of of the PSC. I'm guessing this is the case when the PSC is installed externally. Thanks again! Ken

    ReplyDelete
  2. Thanks dude. We are the daddy's using the external PSC

    ReplyDelete
  3. Thanks. I ran into the same thing setting up the replication appliance in my homelab. Before the icon would appear in the vSphere Web Client I had to reboot the vcenter. I did see the new extension listed though.

    ReplyDelete
  4. Thanks mate, I had wasted a couple of hours until I found your solution here. Worked perfectly in my case.

    ReplyDelete
  5. It will surely spread technical awareness in people. Thanks for writing. People can also visit a website, mysslonline to install SSL certificate

    ReplyDelete