Monday, 6 June 2016

Unable To Connect VDP To Web Client: Failed To Validate vCenter certificate

So out of nowhere today, when I tried to connect the VDP appliance to web client, I got the following error message:

"Failed to validate the vCenter certificate. Either install or verify the certificate by using the vSphere Data configuration utility"

A screenshot of the message:


The vdr-configure logs displayed the following: 
Location: /usr/local/avamar/var/vdr/server_logs

2016-06-06 20:42:26,067 INFO  [http-nio-8543-exec-6]-rest.AuthenticationService: Vcentre Certificate validation had failed
2016-06-06 20:42:27,454 INFO  [Thread-15]-vi.ViJavaServiceInstanceProviderImpl: vcenter-ignore-cert ? true
2016-06-06 20:42:27,514 INFO  [Thread-15]-vi.ViJavaServiceInstanceProviderImpl: visdkUrl = https://192.168.1.1:443/sdk
2016-06-06 20:42:31,127 ERROR [Thread-15]-vi.ViJavaServiceInstanceProviderImpl: Failed To Create ViJava ServiceInstance owing to Remote VCenter connection error

So I was not using any custom certificate here. All default VMware certificate on my 5.5 vCenter. 

The resolution:

1. Restart all VDP services using the below command:

dpnctl stop all
dpnctl start all

2. When I logged into https://VDP-IP:8543/vdp-configure page I noticed the following:


I have an external proxy here, and it looked like the proxy VM was down. Restarted the proxy VM, yet the services and proxies status was not updated, which is when I proceeded to Step (3).

3. Re-register your VDP appliance to vCenter. You can follow this link here to get this task done.

Once the re-register (Same VDP user or a different user) was done (Without any changes to vCenter port or IP) the appliance was able to connect successfully to the web client.

Interesting enough, I was unable to find the cause of this, although I suspect that the connectivity between vCenter and VDP was broken. If there is something more detailed, do comment below. Always looking for VDP deep-dives.

That's pretty much it!