MABS Server cannot connect to the vCenter Error 33623
Hello Team, I have installed MABS server and cannot connect to the vCenter. vCenter version is 8.0
Please, read carefully before answering because all I could find over the Internet and on the Learn network Q&A was already applied.
- Certificates were loaded into Trusted. I have also tested by disabling certificate check as below. Same result.
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft Data Protection Manager\VMWare]
"IgnoreCertificateValidation"=dword:00000001
- I have tested connectivity to the vCenter via browser from the same Windows server - it works
- I elevated user to the Full Admin on the vCenter - MABS cannot connect
- I have added registry keys to force TLS 1.2 as below, restarted host server, deleted vCenter connection in MABS, deleted user credentials, added them back - same error
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SystemDefaultTlsVersions"=dword:00000001
"SchUseStrongCrypto"=dword:00000001
- Log shows SSL/TLS tunnel error
18B4 239C 11/04 01:24:36.272 05 genericStatus.cpp(1112) 8031E91F-6798-4667-9DCA-DDD5A0E10666 WARNING Error while getting VMWare server verion sxx-vcentre.xxx.xxx.xx. HR = fd1d1020
18B4 239C 11/04 01:24:36.272 05 genericStatus.cpp(1100) [00000290FC5D0BB0] 8031E91F-6798-4667-9DCA-DDD5A0E10666 WARNING Parameter: [0x80990ef0], VMWareErrorMessage = The request was aborted: Could not create SSL/TLS secure channel.
18B4 239C 11/04 01:24:24.125 22 VMWareServer.cs(237) NORMAL Calling VMWareAPI:RetrieveServiceContent with argument serviceReferenceMOR:MOR = type:ServiceInstance, value:ServiceInstance and URL:https://sxx-vcentre.xxx.xxx.xx:443/sdk
18B4 239C 11/04 01:24:24.672 22 FMComponent.cs(0) WARNING FMBlock: Unknwon exception caught!! Calling exception transformer now OperationCode:Login,
18B4 239C 11/04 01:24:24.672 22 FMComponent.cs(0) WARNING OperationStartTime:11/4/2024 1:23:54 AM,CurrentAttempt:4, Exception:System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel.
- Windows host is not a domain controller and is joined to the domain
9 answers
Amardeep Saini 1,255 Reputation points Microsoft Employee
2024-11-12T14:00:12.59+00:00
- Open Run Prompt and run gpedit.msc
- Navigate to "Administrative Templates > Network > SSL Configuration Settings"
- Open SSL Cipher Suite Order
- Select Enabled
- Paste the list of suites below into the text box (make sure there are no spaces)
- Click Apply
- Restart the server
SSL SUITES:
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256,TLS_DHE_RSA_WITH_AES_256_CBC_SHA,TLS_DHE_RSA_WITH_AES_128_CBC_SHA,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384_P384,TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384_P384,TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256,TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256,TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P256,TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256,TLS_DHE_DSS_WITH_AES_128_CBC_SHA,TLS_DHE_DSS_WITH_AES_256_CBC_SHA
Ideally these suites should work for connecting to vSphere client. You should be able to find a full list and more info on the suites here: https://learn.microsoft.com/en-us/windows/win32/secauthn/cipher-suites-in-schannel?redirectedfrom=MSDN
If the suggestions were helpful, click “Accept Answer” and Up-Vote it.
Serge Kovalev 0 Reputation points
2024-11-14T03:41:41.4266667+00:00
Serge Kovalev 0 Reputation points
2024-11-14T03:45:14.7066667+00:00
Still same issue. I can confirm that ciphers were OK under the Admin templates after reboot. I've uploaded a set of logs recently modified by the system. Please, note it is a zip-file with added .txt extension. Otherwise I would not be able to upload.
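A read-only check of the settings discussed in this thread, added here as an example and not posted by any participant: it reports the .NET TLS registry values from the question, the cipher list written by the policy from the answer, and the outcome of a TLS 1.2 handshake made outside MABS. The host name is a placeholder, and the script assumes Windows PowerShell 5.1 on Windows Server 2016 or later (needed for `Get-TlsCipherSuite`).

```powershell
# Added diagnostic, not from the thread. $VCenterHost is a placeholder value.
param([string]$VCenterHost = 'vcenter.example.internal', [int]$Port = 443)

# 1. .NET Framework TLS values from the question, in both registry views.
foreach ($view in 'SOFTWARE', 'SOFTWARE\WOW6432Node') {
    foreach ($ver in 'v2.0.50727', 'v4.0.30319') {
        $key = "HKLM:\$view\Microsoft\.NETFramework\$ver"
        $p = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
        $values = $key, $p.SystemDefaultTlsVersions, $p.SchUseStrongCrypto
        '{0}: SystemDefaultTlsVersions={1} SchUseStrongCrypto={2}' -f $values
    }
}

# 2. Cipher list stored by the "SSL Cipher Suite Order" group policy setting.
$policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Cryptography\Configuration\SSL\00010002'
$raw = (Get-ItemProperty -Path $policyKey -ErrorAction SilentlyContinue).Functions
$suites = @($raw -split ',' | Where-Object { $_ })
"Policy lists $($suites.Count) cipher suites"

# The answer warns about spaces in the pasted list; flag any entry that has one.
$suites | Where-Object { $_ -match '\s' } |
    ForEach-Object { "Entry contains whitespace: '$_'" }

# Compare the policy text with what the OS reports as enabled.
$enabled = @(Get-TlsCipherSuite | Select-Object -ExpandProperty Name)
$suites | Where-Object { $_ -notin $enabled } |
    ForEach-Object { "In policy but not reported as enabled: $_" }

# 3. TLS 1.2 handshake through Schannel with normal certificate validation.
$tcp = [System.Net.Sockets.TcpClient]::new()
$ssl = $null
try {
    $tcp.Connect($VCenterHost, $Port)
    $ssl = [System.Net.Security.SslStream]::new($tcp.GetStream(), $false)
    $tls12 = [System.Security.Authentication.SslProtocols]::Tls12
    $ssl.AuthenticateAsClient($VCenterHost, $null, $tls12, $false)
    "Handshake OK: $($ssl.SslProtocol), cipher $($ssl.CipherAlgorithm), " +
        "hash $($ssl.HashAlgorithm), key exchange $($ssl.KeyExchangeAlgorithm)"
} catch {
    # Method exceptions arrive wrapped; the base exception holds the TLS error.
    "Handshake failed: $($_.Exception.GetBaseException().Message)"
} finally {
    if ($ssl) { $ssl.Dispose() }
    $tcp.Close()
}
```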