VMware NSX

 View Only
Expand all | Collapse all

vSphere 6 - The SSL certificate of STS service cannot be verified

  • 1.  vSphere 6 - The SSL certificate of STS service cannot be verified

    Posted Mar 16, 2015 10:19 AM

    Hi

    Has anyone got NSX working with vSphere 6?

    When I try to connect the NSX Manager to the vCenter lookup service I get the following error.

    "NSX Management Service operation failed.( Initialization of STS Clients failed. Root Cause: The SSL certificate of STS service cannot be verified )"

    Any idea on why this might be happening?

    NSX Version: 6.1.2 Build 23182

    vCenter Version: 6.0 Build 2155940

    Thanks

    David



  • 2.  RE: vSphere 6 - The SSL certificate of STS service cannot be verified
    Best Answer

    Posted Mar 16, 2015 10:50 AM

    There is no supported NSX version out at the moment. 6.1.2 will not work.

    See please:

    KB 2110293

    "....

    Compatibility considerations

    vSphere 6.0:

    Compatible versions of vCloud Director (vCD) and NSX for vSphere (NSX-v) will be available soon. If your environment has NSX-v or vCD, VMware recommends waiting for the availability of these compatible versions before you start your vSphere upgrade.

    ..."

    6.1.3 should be out soon... ( I cannot give you date unfortunately )

    Regards,

    Roland



  • 3.  RE: vSphere 6 - The SSL certificate of STS service cannot be verified

    Posted Mar 16, 2015 11:49 AM

    Hi Roland,


    That would explain it, Many thanks.

    A bit misleading with NSX being version 6 :smileywink:


    Regards


    David



  • 4.  RE: vSphere 6 - The SSL certificate of STS service cannot be verified

    Posted Mar 23, 2015 09:24 PM

    NSX 6.1.3 just got released today. I just finished upgrading my NSX Manager from 6.1.2 to 6.1.3 (vSphere 6 supported) and still get that same error when trying to configure the Lookup service. Must be a bug.



  • 5.  RE: vSphere 6 - The SSL certificate of STS service cannot be verified

    Posted Mar 23, 2015 09:51 PM

    Is the DNS OK resolving the lookup service? Isn't there an alias defined for it or for the vCenter?



  • 6.  RE: vSphere 6 - The SSL certificate of STS service cannot be verified

    Posted Mar 25, 2015 09:57 AM

    One more thing. Did you use port 443 for the lookup service? It is not 7444 in vSphere 6.0



  • 7.  RE: vSphere 6 - The SSL certificate of STS service cannot be verified

    Posted Mar 31, 2015 09:13 AM

    SRoland, change port to 443 has worked for me in vShield Manager 5.5.4 (VMware vCloud Networking and Security) with vCenter 6.0



  • 8.  RE: vSphere 6 - The SSL certificate of STS service cannot be verified

    Posted Apr 20, 2015 01:08 PM

    Thanks! Port 443 worked. Odd that port 7444 defaults on that screen. I never actually put the 7444 in myself.



  • 9.  RE: vSphere 6 - The SSL certificate of STS service cannot be verified

    Posted Feb 22, 2016 01:13 AM

    Thanks for posting this! I had a similar error trying to get vShield Manager 5.5.4 to talk to a version 6.0 PSC/Inventory Service. As soon as I changed the port from 7444 to 443 it worked. GSS has been chasing this for two weeks.

    Cheers,

    Hamish



  • 10.  RE: vSphere 6 - The SSL certificate of STS service cannot be verified

    Posted Aug 17, 2016 06:49 PM

    Is there anything else to check for besides the port? Originally it was failing on port 7444, so, we switched it to 443 but I'm getting the "The SSL certificate of STS service cannot be verified" anyway. This is on vShield manager 5.5.4 to a vSphere 6 PSC.

    Thanks



  • 11.  RE: vSphere 6 - The SSL certificate of STS service cannot be verified

    Posted Mar 20, 2015 07:27 PM

    Ugh! The NSX 6.1 documentation center states ESXi 5.5 or later. ESXi 6 seems to be later than 5.5. Would have been nice for the caveat to be more definitive in the NSX 6.1 documentation.



  • 12.  RE: vSphere 6 - The SSL certificate of STS service cannot be verified

    Posted Apr 19, 2015 11:40 PM

    Port 443 worked for me with NSX 6.1.3 and vSphere 6



  • 13.  RE: vSphere 6 - The SSL certificate of STS service cannot be verified

    Posted Sep 26, 2016 03:40 PM

    Running VMware vCloud Networking and Security 5.5.4.3 and vCenter Server 6.0 U2 (3634793) here. Getting "Initialization of STS Clients failed.Root Cause: The SSL certificate of STS service cannot be verified" when I try to enter the lookup service using port 443.