Hi Guys,
Can anyone help me with this?
After installing SSO, I'm about to install SSO service with SSL certificate. When running this command
ssolscli.cmd listServices https://YourServer:7444/lookupservice/sdk
I wasn't able to use my FQDN however it works with ip address. Further investigation, I found in the installer.log file
hostname in certificate didn't match: <FQDN> != A or B or C
Where A was the ip-address entered when Single Sign On was installed and B and C are system-generated allowable alternatives.
Does anyone knows how to change the value for A or B or C? How do I change the value of the hostname that I initially entered during SSO installation?
Cheers,
Michael
Hi,
Might help you.......
If the Single Sign On installation fails completely, perform the following steps to correct the problem.
Regardless of the cause, the vCenter Server and Web Client installers might indicate the error
Could not contact Lookup Service. Please check VM_ssoreg.log....
Message | Cause and Solution |
java.net.ConnectException: Connection timed out: connect | Indicates that the provided IP address is incorrect, a firewall is blocking access to Single Sign On, or Single Sign On is overloaded. Ensure that the Single Sign On port (by default 7444) is not blocked by a firewall, and that the machine on which Single Sign On is installed has adequate free CPU, I/O. and RAM capacity. |
java.net.ConnectException: Connection refused: connect | Indicates that the provided IP address or FQDN is incorrect and that Single Sign On has not started or has started within the past minute. Verify that Single Sign On is working by checking the status of vCenter Single Sign On service (Windows) and vmware-sso daemon (Linux). Restart the service. If this does not correct the problem, see the Recovery section of the vSphere Troubleshooting Guide. |
Unexpected status code: 404. SSO Server failed during initialization | Restart Single Sign On. If this does not correct the problem, see the recovery section of the troubleshooting guide. |
The error shown in the UI begins with Could not connect to vCenter Single Sign-on. | You also see the return code SslHandshakeFailed. This is an extremely uncommon error. It indicates that the provided IP address or FQDN that resolves to the Single Sign On host was not the one used when installing Single Sign On. In %TEMP%\VM_ssoreg.log, locate the line containing hostname in certificate didn't match: <install-configured FQDN or IP> != <A> or <B> or <C> where A was the FQDN entered in when Single Sign On was installed, and B and C are system-generated allowable alternatives. Correct the configuration to use the FQDN on the right of the != sign in the log file. In most cases, use the FQDN specified during Single Sign On installation. If none of the alternatives are possible in your network configuration, recover your Single Sign On SSL configuration. |
Hi Umesh,
Thanks for the prompt reply, I was successful in installing SSO
Also, I couldn't find the vm_ssoreg.log file anywhere. Apart from this, is there any other file that I can update the hostname from ip address to FQDN?
Cheers,
Michael
Hi,
Check with this path wether you are getting the vm_ssoreg.log
C:\Documents and Settings\All Users\Application Data\VMware\VMware VirtualCenter\SSL\
Hi Umesh,
I should've mentioned that I'm running Wondows server 2008 R2. What would the path be?
Cheers,
Michael