Could not establish trust relationship for the SSL/TLS secure channel

VMware
6.5 and older
7.0-8.5
9.0-9.7
9.8
https://kb.netwrix.com/1181
Copy Article URL Copied

All sessions fail with the similar error: “Error saving current VMware Virtual Center snapshot: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.”


The most common reason of the issue is the Microsoft update – KB2661254.
In summary, this update adds more security that blocks certificates with keys less than 1024 bits long. Your vCenter default certificate is less than 1024 bits long so it was being blocked and that was breaking the connection.


There are multiple ways to resolve this issue:
If one of the options does not work, please try the others

  1. Uninstall the update and restart the server
  2. Upgrade the certificate in Virtual Center Server to 1024 Bytes
  3. Allow for weaker certificates with the following command: “certutil -setreg chain minRSAPubKeyBitLength 512”
If none of these options work, try performing the following:
– Edit the registry: HKEY_LOCAL_MACHINESOFTWAREMicrosoftCryptographyOIDEncodingType 0CertDllCreateCertificateChainEngineConfig
– And edit the following DWORDS in decimal:

EnableWeakSignatureFlags: 2
minRSAPubKeyBitLength: 512

 

Go Up