New Question
 
 
PRTG Network Monitor

Intuitive to Use.
Easy to manage.

200.000 administrators have chosen PRTG to monitor their network. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free PRTG
Download >>

 

What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general. You are invited to get involved by asking and answering questions!

Learn more

 

Top Tags


View all Tags


VMware Virtual Machine SOAP sensor failure since Windows Update. What to do?

Votes:

0

Your Vote:

Up

Down

I get the following error "The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel"

error fails failure prtg sensor soap vmware

Created on Oct 11, 2012 6:23:16 PM by  Dieter Loskarn [Paessler Support]

Last change on Oct 12, 2012 8:06:10 AM by  Daniel Zobel [Paessler Support]



1 Reply

Accepted Answer

Votes:

1

Your Vote:

Up

Down

Windows and Weak Certificates

The Windows Update KB2661254 disabled the authentication mechanism with weak certificates that have a key-length of less than 1024 bit. If you installed this update on a computer running the PRTG probe, this can affect your VMware sensors.

Solution: Install Strong Certificates on VMware Server

vCenter-Server 4.0 used certificates with 512 bit key-length. You may be affected too if you updated to a newer version, because the certificates are kept during an update!

A new installation of vCenter-Server 4.1 or higher generates certificates with 2048 bit key-length and is not affected.

Please refer to the VMware knowledge base at http://kb.vmware.com/kb/2037082 for further information on how to regenerate certificates on your existing installation.

Work Around: Re-Enable Weak Certificates

At the Microsoft knowledge base (http://support.microsoft.com/kb/2661254) you get a solution to re-enable weak certificates with a registry key at the section Allow key lengths of less than 1024 bits by using registry settings.

This is not recommended and should only be used as a quick workaround and should be reverted as soon as possible after replacing the certificates!

Created on Oct 11, 2012 6:25:42 PM by  Dieter Loskarn [Paessler Support]

Last change on Oct 12, 2012 8:23:51 AM by  Dieter Loskarn [Paessler Support]



Please log in or register to enter your reply.


Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.