Submit a ticketCall us

AnnouncementsTHWACKcamp 2018 is here

2018 is the seventh year for THWACKcamp™, and once again we’ll be live October 17 – 18 with packed session tracks covering everything from network monitoring and management, to change control, application management, storage, cloud and DevOps, security, automation, virtualization, mapping, logging, and more.

Register for online sessions.

Home > Success Center > Virtualization Manager (VMAN) > VMAN - Knowledgebase Articles > Data collection fails for certain vCenter Servers after upgrading to Virtualization Manager 6.1.1 and later

Data collection fails for certain vCenter Servers after upgrading to Virtualization Manager 6.1.1 and later

Table of contents

Issue:

Data collection fails for certain vCenter Servers which were upgraded from version 4.0 and below.

Cause:

The version of Java shipped with Virtualization Manager version 6.1.1 and later rejects connections to vCenter Servers which are using RSA certificates shorter than 1024 bits. Even though vCenter Server uses 2048-bit certificates by default since version 4.1, these certificates are not regenerated when the system is updated. As a result, data collection from vCenters which were updated from version 4.0 and below fails.

Resolution:

Option 1 (Recommended): Regenerate the certificates

See the following KB article at the VMware website for instructions about how to check the length of the certificate and how to regenerate it:

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2037082

 

Option 2: Modify the Java security settings to allow certificates with short RSA keys

  1. Use SSH to connect to the Virtualization Manager appliance or to the Collector appliance which monitors the affected data sources.
  2. Stop Virtualization Manager by using the following command: sudo service tomcat stop
  3. Type or paste the following command: sudo sed -i.bak 's/jdk\.certpath\.disabledAlgorithms=MD2, RSA keySize < 1024/jdk\.certpath\.disabledAlgorithms=MD2/' /usr/java/default/jre/lib/security/java.security
  4. Start Virtualization Manager by using the following command: sudo service tomcat start
Last modified

Tags

Classifications

Public