SSL certificate of the STS service cannot be verified

Article ID: 315424

Products

VMware NSX Networking
VMware vSphere ESXi

Issue/Introduction

Symptoms:
  • Attempting to register VMware vShield Manager or NSX Manager to the vCenter Server 6.0 SSO Lookup Service fails.
  • You see the error:

    SSL certificate of the STS service cannot be verified


Environment

VMware vCloud Networking and Security 5.5.x
VMware NSX for vSphere 6.2.x
VMware NSX for vSphere 6.1.x
VMware vShield Manager 5.1.x

Cause

This issue occurs because the vCenter Server 6.0 SSO Lookup Service is consolidated behind port 443 instead of port 7444.

Note: If you have upgraded from vCenter Server 5.5 to 6.0, you must continue to use port 7444.

Resolution

To resolve this issue, modify the Lookup Service port from 7444 to 443 in VMware vShield Manager or NSX Manager.

To modify the Lookup Service port in vShield Manager or NSX Manager:
  1. Log in to the web UI for vShield Manager.
  2. Click Settings & Reports in the left pane.
  3. Navigate to the Configuration section.
  4. Modify the Lookup service port from 7444 to 443.
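
Before changing the port, it helps to see which of the two ports named above answers with TLS and which certificate each presents, so the thumbprint can be compared with one read from the vCenter Server itself. The following is an added example, not VMware code; the function names and the host passed on the command line are assumptions, and the script only reports, leaving the choice between 443 and 7444 to the Cause section above.

```python
import hashlib
import socket
import ssl
import sys

# The two Lookup Service ports named in this article.
CANDIDATE_PORTS = (443, 7444)

def thumbprint(der_cert, algo="sha256"):
    """Colon-separated, upper-case digest of a DER-encoded certificate."""
    digest = hashlib.new(algo, der_cert).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))

def fetch_cert(host, port, timeout=5.0):
    """Return the DER certificate presented on host:port, or None if no TLS listener answers."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # Chain validation is off only so the certificate can be
    ctx.verify_mode = ssl.CERT_NONE  # read; trust comes from the thumbprint comparison below.
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return tls.getpeercert(binary_form=True)
    except (OSError, ssl.SSLError):
        return None

def survey(host, fetch=fetch_cert):
    """Map each candidate port to the thumbprint it presents (None when nothing answers)."""
    found = {}
    for port in CANDIDATE_PORTS:
        der = fetch(host, port)
        found[port] = thumbprint(der) if der is not None else None
    return found

def matches(presented, expected):
    """Compare two thumbprints, ignoring case, colons and spaces."""
    if not presented or not expected:
        return False
    norm = lambda s: s.replace(":", "").replace(" ", "").lower()
    return norm(presented) == norm(expected)

if __name__ == "__main__":
    # Usage: script.py <vcenter-host> [expected-sha256-thumbprint]
    expected = sys.argv[2] if len(sys.argv) > 2 else None
    for port, tp in survey(sys.argv[1]).items():
        status = "no TLS listener" if tp is None else tp
        if tp and expected:
            status += "  MATCH" if matches(tp, expected) else "  MISMATCH"
        print(f"{port}: {status}")
```

A mismatch against the thumbprint taken from the vCenter Server means the Manager would be talking to a different endpoint or certificate than expected, which should be resolved before registering.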


Additional Information

More information:
  • Resolution: The SSL certificate of STS service cannot be verified during vCenter Server Appliance 6.7 Upgrade
  • "Failed to check VMware STS. The SSL certificate of STS service cannot be verified" while upgrading VCSA from 6.5 to 6.7

For other languages, see:
  • Registering VMware vShield Manager to the vCenter Server 6.0 SSO Lookup Service fails with the following error: SSL certificate of the STS service cannot be verified (Japanese)