"Cannot establish a remote console connection. Verify that the machine is powered on. If the server has a self-signed certificate, you might need to accept the certificate, then close and retry the connection."
The remote console functionality changed in the Aria Automation 8.10.2 release.
This change was prompted due to the introduction of webmks and the deprecated of mks ticket type in vCenter 8.x
Prior to the Aria Automation 8.10.2 version the remote console traffic from end user client machines to the ESXI hosts was proxied through the Aria Automation appliance.
In the 8.10.2 release which leverages the webmks ticket type the connection is now directly made between the browser on the client machine and the ESXI host. This introduces new requirements for remote console traffic in the Aria Automation 8.10.2 release.
To resolve the issue in Aria Automation version 8.10.2 you will need to ensure the following requirements are met.
Some browsers leverage the certificate trust store on the client machines, others maintain their own internal trust store. The relevant browser vendor would need to be contacted for clarity in this regard.
In active directory managed environments a Group policy Update can be used to add the ESXI certificate to the trust store on all client machines. This procedure is outlined in How to download and install vCenter Server root certificates to avoid Web Browser certificate warnings.
Optional
If these new prerequisites are not desirable the remote console connection to the esxi's can instead be proxied through vCenter server by following the steps contained in the workaround section of KB 93070 to enable the vSphere remote console proxy service.
Alternatively If you wish to revert to the previous behaviour its possible to re-enable the MKS ticket type in the vRealize Automation 8.11.1 release.
Note: This workaround can only be leveraged in vRA version 8.11.1 and against machines hosted on vCenter 7.x due to the deprecation of MKS in vCenter 8.x
To switch to mks, remote console proxy should be enabled.
kubectl -n prelude edit deployment provisioning-service-app
-Denable.remote-console-proxy=true