Search the VMware Knowledge Base (KB)
View by Article ID

Installing vCenter Server Appliance 6.0 fails when configuring Single Sign-On with the error: An unexpected error occurred during the installation of the appliance SSO service (2141948)

  • 0 Ratings
Language Editions

Symptoms

  • Installing the vCenter Server Appliance fails when configuring Single Sign-On.
  • You see the error:

    Error: An unexpected error occurred during the installation of the appliance SSO service. Please collect a support bundle and file a service request.

  • In the /var/log/vmware/sso/catalina.log file, you see entries similar to:

    29-Dec-2015 05:40:32.210 SEVERE [main] org.apache.tomcat.util.digester.Digester.fatalError Parse Fatal Error at line 48 column 125: Attribute "sslEnabledProtocols" was already specified for element "Connector". org.xml.sax.SAXParseException; systemId: file:/usr/lib/vmware-sso/conf/server.xml; lineNumber: 48; columnNumber: 125; Attribute "sslEnabledProtocols" was already specified for element "Connector".
            at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.createSAXParseException(Unknown Source)
            at com.sun.org.apache.xerces.internal.util.ErrorHandlerWrapper.fatalError(Unknown Source)
            at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(Unknown Source)
            at com.sun.org.apache.xerces.internal.impl.XMLErrorReporter.reportError(Unknown Source)
            at com.sun.org.apache.xerces.internal.impl.XMLScanner.reportFatalError(Unknown Source)
            at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanAttribute(Unknown Source)
            at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanStartElement(Unknown Source)
            at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(Unknown Source)
            at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(Unknown Source)
            at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source)
            at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(Unknown Source)
            at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(Unknown Source)
            at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(Unknown Source)
            at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(Unknown Source)
            at com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(Unknown Source)
            at org.apache.tomcat.util.digester.Digester.parse(Digester.java:1561)
            at org.apache.catalina.startup.Catalina.load(Catalina.java:616)
            at org.apache.catalina.startup.Catalina.start(Catalina.java:678)
            at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
            at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
            at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
            at java.lang.reflect.Method.invoke(Unknown Source)
            at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:322)
            at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:456)


    Note: This log excerpt is an example. Date, time, and environmental variables may vary depending on your environment.

Resolution

To resolve this issue, confirm there is not duplicate SSL protocols listed.

  1. Connect to the vCenter Server Appliance and log in using root credentials.
  2. Run this command to enable access the Bash shell:

    shell.set --enabled true

  3. Type shell and press Enter.
  4. Navigate to /usr/lib/vmware-sso/conf/.
  5. Create a backup of the server.xml file.

    cp server.xml server.xml.bak

  6. Open the server.xml using a text editor:

    vi server.xml

  7. Look for multiple instances of sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2.

    For example:

    <Connector SSLEnabled="true" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2"
    sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2"sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2"sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2"sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2"sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2"


  8. Delete all the instances of sslEnabledProtocols, the resulting file should look like:

    <Connector SSLEnabled="true"

  9. Stop the vpxd service with this command:

    service vmware-vpxd stop

  10. Manually configure Single Sign-On through the vCenter Server Appliance VAMI page (located at https://vcenter_FQDN:5480)
  11. Start the vpxa service with this command:

    service vmware-vpxd start

See Also

Language Editions

zh_cn,2151220

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.

Feedback

  • 0 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.

What can we do to improve this information? (4000 or fewer characters)




Please enter the Captcha code before clicking Submit.
  • 0 Ratings
Actions
KB: