Tag: WIndows

SSL3 GET RECORD

I was doing an in-place upgrade of a vCenter 5.5 to vCenter 6 (Windows), when I encountered an unusual error, that didn’t seem to have a relevant KB article or much other information. This was most definitely NOT a database incompatibility, as was indicated by the second error.

It turns out that the solution is buried in the vCenter 6.0 U1b Release Notes

On Windows OS:

Open file C:\ProgramData\VMware\CIS\runtime\VMwareSTS\Conf\Server.xml.

Remove the tag sslEnabledProtocols=”TLSv1,TLSv1.1,TLSv1.2″ from the below line in the server.xml file: <Connector SSLEnabled=”true” sslEnabledProtocols=”TLSv1,TLSv1.1,TLSv1.2″

Restart VMwareSTS and VMwareIdentityMgmtService services.

Start the SSO service.

Of course, in true VMware style, you will find no services with the names “VMwareSTS,” “VMwareIdentityMgmtService,” and/or “SSO,” so after you edit the file, restart all VMware and VirtualCenter services.

Here are the steps:

Edit the file: C:\ProgramData\VMware\CIS\runtime\VMwareSTS\Conf\Server.xml

 

Remove the text: sslEnabledProtocols=”TLSv1,TLSv1.1,TLSv1.2″

The file should look like this now:

Now restart all of the VMware and VirtualCenter services.

Mission Critical Virtual Machines on VMware vSphere

Building Mission Critical VMs on VMware vSphere is pretty simple. There are just a few commonly acknowledged Best Practices with which to adhere, regardless of whether you are installing Windows or Linux:

  • Use Paravirtualized drivers wherever possible
  • Remove unnecessary hardware from the VM (settings)
  • Disable unnecessary or unused devices in BIOS
  • Assign no more resources to the VM than are actually required

In the following steps, I am going to be building a VM to serve as Active Directory Domain Controller for my lab (jb-lab.local) on Windows Server 2012. Continue reading