vCenter

 View Only
  • 1.  Skyline Health not working

    Posted Jul 06, 2022 09:14 AM

    My vCenter 7 (latest version) skyline health is not working. The message is "The current status of Internet connection is disabled. Online health checks are not available if the Internet connection is disabled."   But obviously the connection is enabled, I can update vCenter, or ping anywhere via ssh, so the problem is elsewhere.

    Reading around, it seems a certificate problem. I tried to renew certificates with usr/lib/vmware-vmca/bin/certificate-manager , option 8, all seems ok, but the problem remained.

    I did the following test:

    root@vcenter-db [ ~ ]# curl -iv https://vcsa.vmware.com
    * Trying 127.0.0.3:443...
    * Connected to vcsa.vmware.com (127.0.0.3) port 443 (#0)
    * ALPN, offering http/1.1
    * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
    * successfully set certificate verify locations:
    * CAfile: /etc/pki/tls/certs/ca-bundle.crt
    * CApath: none
    * TLSv1.2 (OUT), TLS header, Certificate Status (22):
    * TLSv1.2 (OUT), TLS handshake, Client hello (1):
    * TLSv1.2 (IN), TLS handshake, Server hello (2):
    * TLSv1.2 (IN), TLS handshake, Certificate (11):
    * TLSv1.2 (OUT), TLS alert, unknown CA (560):
    * SSL certificate problem: unable to get local issuer certificate
    * Closing connection 0
    curl: (60) SSL certificate problem: unable to get local issuer certificate
    More details here: https://curl.se/docs/sslcerts.html

    curl failed to verify the legitimacy of the server and therefore could not
    establish a secure connection to it. To learn more about this situation and
    how to fix it, please visit the web page mentioned above.

    So, it seems indeed a certificate problem, but I don't know what to do now...



  • 2.  RE: Skyline Health not working

    Posted Jul 08, 2022 03:08 PM

    Hi  

    I recommend to create a support case with VMware. The engineer will look into your configuration and fix the issue. I had many certificate related issues in the last few weeks. Maybe you can check the certificate on your vCenter appliance first.

    Here is a hint: TLSv1.2 (OUT), TLS alert, unknown CA (560):

    Regards

    Daniel