Submit a ticketCall us

Quickly Address Software Vulnerabilities
Patch Manager is an intuitive patch management software which extends the capabilities of WSUS and SCCM to not only patch Windows® servers and workstations, and Microsoft® applications, but also other 3rd-party applications which are commonly exploited by hackers. Learn more about our patch management solution.

 

Home > Success Center > Virtualization Manager (VMAN) > Data collection fails for certain vCenter Servers after upgrading to Virtualization Manager 6.1.1 and later

Data collection fails for certain vCenter Servers after upgrading to Virtualization Manager 6.1.1 and later

Table of contents

Issue:

Data collection fails for certain vCenter Servers which were upgraded from version 4.0 and below.

Cause:

The version of Java shipped with Virtualization Manager version 6.1.1 and later rejects connections to vCenter Servers which are using RSA certificates shorter than 1024 bits. Even though vCenter Server uses 2048-bit certificates by default since version 4.1, these certificates are not regenerated when the system is updated. As a result, data collection from vCenters which were updated from version 4.0 and below fails.

Resolution:

Option 1 (Recommended): Regenerate the certificates

See the following KB article at the VMware website for instructions about how to check the length of the certificate and how to regenerate it:

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2037082

 

Option 2: Modify the Java security settings to allow certificates with short RSA keys

  1. Use SSH to connect to the Virtualization Manager appliance or to the Collector appliance which monitors the affected data sources.
  2. Stop Virtualization Manager by using the following command: sudo service tomcat stop
  3. Type or paste the following command: sudo sed -i.bak 's/jdk\.certpath\.disabledAlgorithms=MD2, RSA keySize < 1024/jdk\.certpath\.disabledAlgorithms=MD2/' /usr/java/default/jre/lib/security/java.security
  4. Start Virtualization Manager by using the following command: sudo service tomcat start
Last modified
13:06, 13 Nov 2015

Tags

Classifications

Public