VCSA 5.5 Web Client fails to log on with “SSL certificate verification failed”

Written by Sam McGeown
Published on 3/3/2014 - Read in about 2 min (225 words)

This had me scratching my head, what seemed to be a common problem wasn’t fixed by the common solution. It was actually my fault – too familiar with the product and setting things up too quickly to test.

I installed a VCSA 5.5 instance in my lab as a secondary site for some testing and during the process found I couldn’t log on to the web client – it failed with the error:

Failed to connect to VMware Lookup Service https://vCVA_IP_address:7444/lookupservice/sdk - SSL certificate verification failed.

There are several VMware KB articles about this (2033338 and 2058430) which point to regenerating the SSL certificate as the solution to this – unfortunately in my case it didn’t seem to work.

I had a closer look at the certificate being generated and noticed that the Subject Name was malformed “CN=vc-02.definit.loca” – that led me to the network config of the VCSA. I’d entered the FQDN into the “host name” field, which was in turn being passed to the certificate generation, truncated and throwing the SSL error. Changing the FQDN back to the host name “VC-02” and regenerating the certificate resolved the issue.

If you do have to follow that process, remember to disable the SSL certificate regeneration after it’s fixed – otherwise you’ll suffer slow boot times!

I’ll put that one down to over-familiarity with the product!

Share this post