MABS Server cannot connect to the vCenter Error 33623

Serge Kovalev 0 Reputation points
2024-11-04T01:38:57.4333333+00:00

Hello Team, I have installed MABS server and cannot connect to the vCenter. vCenter version is 8.0

Please, read carefully before answering because all I could find over the Internet and on the Learn network Q&A was already applied.

  1. Certificates were loaded into Trusted. I have also tested by disabling certificate check as below. Same result.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Data Protection Manager\VMWare]

"IgnoreCertificateValidation"=dword:00000001

  1. I have tested connectivity to the vCenter via browser from the same Windows server - it works
  2. I elevated user to the Full Admin on the vCenter - MABS cannot connect
  3. I have added registry keys to force TLS 1.2 as below, restarted host server, deleted vCenter connection in MABS, deleted user credentials, added them back - same error

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft.NETFramework\v2.0.50727] "SystemDefaultTlsVersions"=dword:00000001 "SchUseStrongCrypto"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft.NETFramework\v4.0.30319] "SystemDefaultTlsVersions"=dword:00000001 "SchUseStrongCrypto"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft.NETFramework\v2.0.50727] "SystemDefaultTlsVersions"=dword:00000001 "SchUseStrongCrypto"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft.NETFramework\v4.0.30319] "SystemDefaultTlsVersions"=dword:00000001 "SchUseStrongCrypto"=dword:00000001

  1. Log shows SSL/TLS tunnel error

18B4 239C 11/04 01:24:36.272 05 genericStatus.cpp(1112) 8031E91F-6798-4667-9DCA-DDD5A0E10666 WARNING Error while getting VMWare server verion sxx-vcentre.xxx.xxx.xx. HR = fd1d1020

18B4 239C 11/04 01:24:36.272 05 genericStatus.cpp(1100) [00000290FC5D0BB0] 8031E91F-6798-4667-9DCA-DDD5A0E10666 WARNING Parameter: [0x80990ef0], VMWareErrorMessage = The request was aborted: Could not create SSL/TLS secure channel.

18B4 239C 11/04 01:24:24.125 22 VMWareServer.cs(237) NORMAL Calling VMWareAPI:RetrieveServiceContent with argument serviceReferenceMOR:MOR = type:ServiceInstance, value:ServiceInstance and URL:https://sxx-vcentre.xxx.xxx.xx:443/sdk

18B4 239C 11/04 01:24:24.672 22 FMComponent.cs(0) WARNING FMBlock: Unknwon exception caught!! Calling exception transformer now OperationCode:Login,

18B4 239C 11/04 01:24:24.672 22 FMComponent.cs(0) WARNING OperationStartTime:11/4/2024 1:23:54 AM,CurrentAttempt:4, Exception:System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel.

  1. Windows host is not a domain controller and joined the domain
Azure Backup
Azure Backup
An Azure backup service that provides built-in management at scale.
1,316 questions
{count} votes

9 answers

Sort by: Most helpful
  1. Amardeep Saini 1,410 Reputation points Microsoft Employee
    2024-11-04T08:30:49.9966667+00:00

    @Serge Kovalev Thank you for contacting us on Microsoft Q&A platform. Happy to help!

    Request you to try to login to Vsphere from MABS Server and check if you are able to login to it or not.

    Make sure that public key length size of your vCenter Server certificate should be 2048 bits.

    You can also use below mentioned steps to check the TLS setting on your MABS Server.

    1. There is a freeware tool called IIS Crypto. We recommend you to download the GUI version of it on the following URL: https://www.nartac.com/Products/IISCrypto/Download
    2. Install this tool both on MABS Server machine.
    3. Open the IIS Crypto and click on “Best Practices”.
    4. Click on Apply and reboot the machines.
    5. If you want to change any of the best practices, just make sure to apply the changes before rebooting
    6. A reboot to the machines is required
    7. After doing this, try to connect again.

    If the above steps still not resolve the issue, please share a full stack of logs to understand the issue better so that we can assist you and suggest a resolution accordingly. Looking forward to hear back from you with those details.

    If the suggestions were helpful, click “Accept Answer” and Up-Vote it.


  2. Serge Kovalev 0 Reputation points
    2024-11-12T02:39:09.85+00:00

    Hi Amardeep,

    Thanks for your answer. I've applied best practices as you recommended and restarted the server. Still having same issue as before. Please, find attached log file as requested. If you need more logs, I will have to add them one by one. Answer screen does not allow more than one.

    Regards,

    Serge Kovalev

    0 comments No comments

  3. Serge Kovalev 0 Reputation points
    2024-11-12T02:40:05.3666667+00:00
    0 comments No comments

  4. Serge Kovalev 0 Reputation points
    2024-11-12T02:41:40.67+00:00

    Actually, I could not see any files attached. Can you tell me how to provide all logs to you, please?

    0 comments No comments

  5. Serge Kovalev 0 Reputation points
    2024-11-12T02:44:40.91+00:00

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.