When I have seen this Error “This webpage is not available ERR_CONNECTION_CLOSED” message, I was amazed as VDP 6.0 configuration utility not compatible with Google Chrome.

New Google Chrome version removed SSL Support because of major security flaws in SSL protocol, Unfortunately this breaks some web applications which are running on web servers configured to support only SSL and not more secure TLS, VMware Data Protection configuration utility is one of these applications.

If you try to access VDP configuration utility at https://vdp.fqdn:8543/vdp-configure on recent Google Chrome version you will see “This webpage is not available ERR_CONNECTION_CLOSED” message. If you have Windows OS you can access VDP configuration portal using Internet Explorer if you have not explicitly disabled SSL support in it.

VDP 6.0 configuration utility not compatible with Google Chrome

VDP 6.0 configuration utility not compatible with Google Chrome

What Next? VDP 6.0 configuration utility not compatible with Google Chrome

Yes Its Resolved – Vmware has noticed of recent SSL & TLS security fixes in major browsers VDP 6.0 configuration UI is no longer compatible with any recent release of Google Chrome, Microsoft Internet Explorer or Mozilla Firefox, all you get is ERR_CONNECTION_CLOSED or similar error.

Cause

This issue occurs because Firefox, Chrome and Internet Explorer have removed support for DSA ciphers, and DSA ciphers are used by VMware vSphere Data Protection 5.x and 6.0 to communicate with the browser. Firefox release 37 removed DSA ciphers as did Chrome release 40.0.2215.115m. See Additional Information section for links to supporting documentation.

Resolution

This is a known issue affecting VMware vSphere Data Protection (VDP) 5.x and 6.0.

This issue is resolved in VMware vSphere Data Protection (VDP) 6.0.1, available at VMware Downloads. For more information, see the VMware vSphere Data Protection (VDP) 6.0.1 Release Notes.

To resolve this issue in VDP 6.0 or earlier versions, run the attached 2111900_VDPHotfix.SHA2.sh.zip file in the VDP appliance.

Warning: Do NOT run script before installation configuration of VDP.  VDP registration with vCenter fails if you do.

To run the attached 2111900_VDPHotfix.SHA2.sh.zipfile in the VDP appliance:

Download the 2111900_VDPHotfix.SHA2.sh.zip file attached to this article.

Copy the 2111900_VDPHotfix.SHA2.sh.zip file to the VDP appliance and place it in the /tmp directory. Windows users should use a file transfer utility such as Filezilla or WinSCP to do this. Linux users can use the scp command.

In VDP 5.8 and later, you can use an SSH session or the console of the VDP appliance to log in as admin user. See note #1.

In VDP 5.8 and later, switch from the admin user to the root user by running this command:

su – root

See Note # 1.

Change the directory to /tmp by running this command:

cd /tmp

Run these commands:

unzip 2111900_VDPHotfix.SHA2.sh.zip

CD into folder 2111900_VDPHotfix.SHA2.sh

chmod a+x VDPHotfix_SHA2.sh

./VDPHotfix_SHA2.sh

This hotfix removes the older SHA1 certificate of the VDP tomcat service and generates a new SHA2 certificate.

Notes:

In VDP versions prior to 5.8, you can log into the appliance using the root user and password.

To use scp as described in step 2, the user must be admin for SSH login in VDP 5.8 and later.

Root ssh is disabled by default in VDP 5.8 and later.

VMware Sources are as follows

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2111900

https://www.vmware.com/support/vdr/doc/vdp_601_releasenotes.html

 

newsletter-aik

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.

You have Successfully Subscribed!