14 Responses

  1. Eugene
    Eugene at |

    Surprising. I would hazard to guess that given the reputation of the 5.1 vcenter appliance, the difficulty of managing, the difficulty of managing 4.1 certificates, the most common deployment model is this exact scenario [default certs on a 5.1 Windows vCenter Server]. Makes me wonder what the QA matrix looks like and how its executed.

    Reply
  2. Rhin
    Rhin at |

    I'm experiencing the 511 KB problems, and the registry fix didn't work for me. It looks like i am either going to have to rebuild, or go with CA certs.. REALLY FRUSTRATING

    Reply
    1. Matt
      Matt at |

      I am having the same issue, the registry fix did not work, I still get the warning at the start and the installer fails and rolls back. I do have SSO on a seperate machine and protected by Heartbeat so not sure if that's causing issues with it as well..

      Reply
  3. Mark
    Mark at |

    I purchase my certs through us.sslguru.com. Try opening a support ticket if you still have issues they usually reply within an hour or two. Also they have a pretty good and up to date knowledge base.

    Reply
  4. zSprawl
    zSprawl at |

    Make sure you reboot a lot in between the steps of the fix. I had to rollback to pre-SSO update, reboot, change registry, reboot, then install SSO. You will still see the warning, but it completed.

    Reply
  5. James
    James at |

    From the KB: "If the registry key value is set to the FQDN value you see in the certificate, your system is not affected by this issue."

    – Mine is set correctly, but I still see the Error 25000 warning upon launching the installer. Just a heads up for anyone else working through this that even in the workaround configuration, you may still see a warning. But hopefully the installer still completes successfully.

    Reply
  6. Single Sign-On Warning 25000 » boche.net – VMware vEvangelist

    […] The Trouble With SSL Certificates and Upgrading to VMware SSO 5.5 – Then I took a look at Michael Webster’s blog article on precisely the same error message.  Michael briefly discusses the two SSL certificate deployment models and then digs into VMware KB 2060511 mentioned above.  While the information in Michael’s blog article reassured me I was not alone in my journey, KB 2060511 didn’t solve my problem either.  But sometimes the value of blog articles is not only in the original author’s content, but also in the follow up comments from the readers.  Such was the case here.  A number of Michael’s readers responded by saying they were essentially in the same boat I’m in – it sounds like KB 2060511, but in the end this article doesn’t have the solution.  The readers found no choice but to push onward beyond Warning 25000 with fingers crossed.  As it turned out in my as well as with some others, Warning 25000 was benign in nature and the installation completed successfully with no rollback. […]

  7. Fabian Lenz
    Fabian Lenz at |

    HAve you tried to set the JAVA_HOME variable? I kind of had the same in a environment…
    http://www.vxpertise.net/2013/11/vcenter-sso-upda

    Reply
  8. Manny Sidhu
    Manny Sidhu at |

    Hi Mike, have you heard back from VMware Support about the trouble ticket you logged with them? I am keen to find out as I'm going to upgrading a major customer from 5.1 to 5.5.

    Thanks
    Manny

    Reply
  9. VMware Link Collection | Life
    VMware Link Collection | Life at |

    […] The Trouble With SSL Certificates and Upgrading to VMware SSO 5.5 (Long White Clouds) Single Sign-On (SSO) Improvements in vSphere 5.5 (Petri) Issues with authentication when running vSphere 5.5 with AD and SSO server on Windows Server 2012 (Shogan.tech) What is new in VMware Single Sign-On 2.0 (UP2V) A Look At vCenter 5.5 SSO RC Installation (VMware vEvangelist) Allow me to introduce you to vCenter Single Sign-On 5.5 (VMware vSphere Blog) vCenter Single Sign-On 5.5 Not Recognizing Nested Active Directory Groups (VMware vSphere Blog) vCenter Single Sign-On “Cannot parse group information” Error (VMware vSphere Blog) vCenter Single Sign-On 5.5 – Backwards Compatible? (VMware vSphere Blog) vSphere 5.5 Improvements Part 7 – Single Sign On Completely Redesigned (Wahl Network) Using Active Directory Integrated Windows Authentication with SSO 5.5 (Wahl Network) What’s New in vCloud Suite 5.5: vCenter Server SSO (WoodITWork) […]

Leave a Reply