Description
Attempting to connect to a newly installed ESXi 5.1 or 5.5 (or later) server from a VSphere client on Windows XP, produces an error, indicating the connection request is too short and did not complete.
Connections to ESXi 5.0 which previously worked and may start failing in a similar way, on all versions of Windows. Web browser, on Windows, OSX and Linux, will also fail to connect to the management Web site.
The failure is caused by VMWare uprating the SSL cipher strength, beyond what is supported by Windows XP.
Fix
To workaround the issue, a config.xml file must be edited on the ESXi host.
For ESXi 5.1 and 5.5 the location is
File: /etc/vmware/rhttpproxy/config.xml
For ESXi 5.0 the location is
File: /etc/vmware/hostd/config.xml
By default ESXi does not install nano or any other screen based editor. The quickest way to edit the file is to use the installed vi command but requires familiarity with Vi's arcane keyboard command strings.
Tip. To exit Vi use [esc]:q!
For those uncomfortable with Vi.
Enable ssh on the ESX host, from the consoles trouble shooting menu.
Use an SFTP client (Cyberduck, WinSCP) to connect to the ESXi host and navigate to the file
/etc/vmware/rhttpproxy/config.xml
Open the file in a text editor and locate the <vmacore> node
Edit the SSL sub-node as follows. XML files are case sensitive.
<vmacore>
... <ssl>
<doVersionCheck> false </doVersionCheck>
<useCompression>true</useCompression>
<libraryPath>/lib/</libraryPath>
<handshakeTimeoutMs>120000</handshakeTimeoutMs>
<cipherList>ALL</cipherList>
</ssl>
... </vmacore>
Save the file and restart the rhttpproxy service on the ESXi host
For ESXi 5.1 and 5.5
/etc/init.d/rhttpproxy restart
For ESXi5.0
/etc/init.d/hostd restart/etc/init.d/vpxa restart
« Go back
Powered by Help Desk Software HESK, in partnership with SysAid Technologies
Loading knowledgebase suggestions...