When installed on a Windows XP or Windows Server 2003 host machine, the vSphere Client and vSphere PowerCLI may fail to connect to vCenter Server 5.0, 5.1 and 5.5 due to a Handshake failure. vSphere 5.0, 5.1 and 5.5 uses the Open SSL library, which, for security, is configured by default to accept only connections that use strong cipher suites. On Windows XP or Windows Server 2003, the vSphere Client and vSphere PowerCLI do not use strong cipher suites to connect with vCenter Server.
Here is the fix:
- Connect to the host via SSH
-
Navigate to the directory:
/etc/vmware/rhttpproxy/
- Backup the config.xml file. Do not skip this step.
- Open config.xml file using vi editor
-
Add the <cipherList>ALL</cipherList> parameter between the <ssl>…</ssl> section of the configuration file. Use the model below as an example:
<config> ... <vmacore> ... <ssl> <doVersionCheck> false </doVersionCheck> <useCompression>true</useCompression> <libraryPath>/lib/</libraryPath> <cipherList>ALL</cipherList> # <-- TO BE ADDED </ssl> ... </vmacore> ... </config>
- Save and close the config.xml file
-
Reset the rhttpproxy service for the change to take effect by running the command:
/etc/init.d/rhttpproxy restart