I get the following error "The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel"
VMware Virtual Machine SOAP sensor failure since Windows Update. What to do?
Modified on 2025-06-10 14:40:46 +0200
Disclaimer:
The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.
The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.
Windows and Weak Certificates
The Windows Update KB2661254 disabled the authentication mechanism with weak certificates that have a key-length of less than 1024 bit. If you installed this update on a computer running the PRTG probe, this can affect your VMware sensors.
Solution: Install Strong Certificates on VMware Server
vCenter-Server 4.0 used certificates with 512 bit key-length. You may be affected too if you updated to a newer version, because the certificates are kept during an update!
A new installation of vCenter-Server 4.1 or higher generates certificates with 2048 bit key-length and is not affected.
Please refer to the VMware knowledge base at http://kb.vmware.com/kb/2037082 for further information on how to regenerate certificates on your existing installation.
Work Around: Re-Enable Weak Certificates
At the Microsoft knowledge base (http://support.microsoft.com/kb/2661254) you get a solution to re-enable weak certificates with a registry key at the section Allow key lengths of less than 1024 bits by using registry settings.
This is not recommended and should only be used as a quick workaround and should be reverted as soon as possible after replacing the certificates!
Oct, 2012 - Permalink