VMware
 

Knowledge Base

Search the Knowledge Base:
Products:
Search In:
 

VirtualCenter does not detect changes in host IP address unless SSL certificate verification has been enabled

Details

After changing the IP address of a ESX host, you are experiencing these issues:
  • Errors:
     
    Handshake timedout for stream <ip address>, blacklisting it for 3000 ms
  • VirtualCenter connects to hosts but cannot be managed (they appear grayed out).
  • High Availability (HA) configuration fails.
 

Solution

VirtualCenter responds to detected changes in a host's IP address only if the connection to the host is protected by validation of the host's SSL certificate thumbprint. By default, SSL Certificate Verification is disabled.
 
To resolve the issues described above, enable SSL Certificate Verification in the VirtualCenter:
  1. In the Virtual Infrastructure (VI) Client menu bar, click Administration > VirtualCenter Management Server Configuration.
  2. Click SSL Settings.
  3. Select the Check host certificates check box to enable SSL Certificate Verification.
  4. Reconnect all ESX hosts.

For more information on certificate verification, see the Server Configuration Guide for your ESX version.

Keywords

SSL, security, IP address, VirtualCenter

Feedback

Rate this article:
(1 Ratings)

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.
What can we do to improve this information? (4000 or fewer characters)
Email address (optional)
Submit
Rate this article:
(1 Ratings)
Actions
  • KB Article: 1003066
  • Updated: Jan 8, 2010
  • Tags
    How to
    Troubleshooting
  • Products:
    VMware ESX
    VMware VirtualCenter
  • Product Versions:
    VMware ESX 3.5.x
    VMware ESXi 3.5.x Embedded
    VMware ESXi 3.5.x Installable
    VMware VirtualCenter 2.5.x