Configuring Infoblox plugin in vCenter Orchestrator – java.net.ssl.SSLProtocolException caught when processing request: handshake alert: unrecognized name

0 Flares Filament.io 0 Flares ×

Nowadays I’m playing with VMware vCenter Orchestrator. I have installed the plugin for Infoblox and while trying to connect from orchestrator plugin to Infoblox device I was getting message :
“Make sure you are using proper config settings and/or proper SSL certificate of your IPAM server”

Luckly I had a VMware consultant on place, so first we checked the log file on the appliance. There are two catalina (Tomcat) log files. One is for the orchestrator server and one for the configuration.
The log files in the appliance are in the following paths

  • orchestrator server log file – /var/log/vco/app-server/catalina.out
  • configuration log file – /var/log/vco/configuration/catalina.out

For the analysis configuration log file should be used. So in the log file I found

So even if certificate is valid, enrolled by Enterprise PKI CA, imported to the certificates in vCO appliance, one can face sam error I did. Solution for this issue is to add following option
-Djsse.enableSNIExtension=false
to the java options in the tomcat setenv.sh file.
There are two files you need to change

  • /var/lib/vco/app-server/bin/setenv.sh
  • /var/lib/vco/configuration/bin/setenv.sh

So it should look like this

Then you just need to restart vCO server and vCO configuration server services from the VMware vCenter Orchestrator Configuration or ideally just the whole vCO appliance.
After the reboot you will be able to connect to Infoblox from vCO.

IMPORTANT
After updating/upgrading vCO to the newer version, it’s very possible that setenv.sh files would be overwritten, so you need to repeat this procedure after each vCO appliance update

0 Flares LinkedIn 0 Google+ 0 Facebook 0 Twitter 0 Filament.io 0 Flares ×

Leave a Reply

Your email address will not be published. Required fields are marked *