VMware vSphere

 View Only
  • 1.  Connection error: could not negotiate SSL.

    Posted Jan 28, 2020 11:19 PM

    Hi All,

    Ever since I updated the VMWare Remote Console from 10.x to 11.0 I am getting the following error message when trying to connect to a VM:

    Connection error: could not negotiate SSL.

    Any ideas?

    Everything works fine with remote console versions pre 11.0.

    TIA



  • 2.  RE: Connection error: could not negotiate SSL.

    Posted Jan 29, 2020 08:26 AM

    Please check all your certificates. Here is another thread with a similar issue: Black screen when launching VM Remote Console from vCloud Director 9.5



  • 3.  RE: Connection error: could not negotiate SSL.

    Posted Feb 20, 2020 04:18 AM

    Even after you properly setup the SSL certification, you may still see the error if connect from local network, as the VMRC tries to use local ip to connect. Local ip will not match any domain name from your certification. Try to add an entry in you local machine host name resolve, for Windows edit c:\windows\system32\drivers\etc\hosts by add a line of "<local ip> <domain name of server>", for example:

    192.168.1.10 vm.mydomain.net



  • 4.  RE: Connection error: could not negotiate SSL.

    Posted Sep 26, 2022 03:02 PM

     wrote:

    Even after you properly setup the SSL certification, you may still see the error if connect from local network, as the VMRC tries to use local ip to connect. Local ip will not match any domain name from your certification. Try to add an entry in you local machine host name resolve, for Windows edit c:\windows\system32\drivers\etc\hosts by add a line of "<local ip> <domain name of server>", for example:

     

    192.168.1.10 vm.mydomain.net


    I'm sorry, I am just playing with Esxi so I don't have a full understanding of how it all works.  My ESXi host must have a self signed SSL because port 80 is blocked on my connection, but I can access everything through port 443. (It's run from home off a residential ISP connection).  My ESXi acts a little weird and I don't leave it accessible unless I know I'm going somewhere and need to access it.  I think I should setup a VPN for that.  ESXi doesn't load the login screen the first time, it just goes to a blue screen, then you refresh it and the login will actually show up, then it works like normal everywhere except for VMRC.  I get the SSL error when I try to use it.  I'm behind cloudflare and a kemp load balancer that holds certificates.  I thought this was happening because I didn't use any of the ssl pem and key files from letsencrypt on ESXi, but if that was the reason causing VMRC to fail, why can I access everything else under SSL?

    I will definitely try entering that code.  Is there something I can edit on a Ubuntu machine that would associate the internal IP to the domain also?