vCenter fails to scan
Problem
When Scanning a vCenter with iQsoanr V3. You will get the following error:
Failed to connect on port 9443
The underlying connection was closed: An unexpected error occurred on a receive.
at .(String , List`1 , NetworkCredential , Int32 )
at ..ctor(String , List`1 , NetworkCredential , Int32 )
at ..ctor(String , List`1 , NetworkCredential , Int32 )
at iQuate.Sonar.Scanning.ESXWeb.Esx.Start()
Note: Customer is using the custom port, your port may be different.
To troubleshoot you need to check if you can connect from Scan engine to the vCenter web API using Internet Explore. If this fails but another browser is working it is likely that you have this issue.
Solution
You need to check if both servers have the same SSL and TLS protocols enabled. As vCenter Web API is is using windows native SSL and TLS for its communication.
- You can use the following utility to check and enable if needed: https://www.nartac.com/Products/IISCrypto You Need to run it as an Administrator
- If you cannot install the utility please use the following guide from Microsoft to do so: https://technet.microsoft.com/en-us/library/dn786418(v=ws.11).aspx
- Using one of the methods above you will need to check on the scan engine server you are using to scan the vCenter and the vCenter server itself if the crypto is the same on both servers.
- Once you set the crypto you will need to reboot the server for the changes to take effect.
- Once rebooted using Internet Explorer connect to the vCenter and attempt to connect to the WEB API. You should be able to login.
- Once successfully logged in attempt to re scan the vCenter.
Related articles
Please see:
https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2031053 for info and underlying root cause. Please note that the article is old but the