Symptoms
Adding an ESX/ESXi host to vCenter Server fails at 80% You see the error:Cannot install the vCenter agent - Connection timed out In the /var/log/vmware/vpx/vpxa.log file of the host, you see an entry similar to:[root@pvex410 vpx]# [2010-04-08 14:25:59.175 0xf7e5a6c0 error 'App'] [VpxdCertificate] Failed: unrecognized file format: /etc/vmware/ssl/rui.crt In the /var/log/vmware/hostd.log file of the host, you see an entry similar to:[2010-04-08 14:16:54.023 F62EBB90 warning 'Proxysvc Req00038'] Connection to named pipe /var/run/vmware/proxy-vpxa failed with error N7Vmacore15SystemExceptionE(No such file or directory). DNS resolution tests are successful. Ping tests from ESX host to vCenter Server and other ESX hosts via shortname are successful.
Resolution
This issue occurs if the self signed SSL certificates on the ESX/ESXi host are no longer recognised by the vCenter Server. Note: If the hosts are using custom certificates, see Replacing vCenter Server Certificates. To resolve this issue, regenerate the host's self-signed certificates. To regenerate the certificates: Back up SSL certificates with the command:cp /etc/vmware/ssl/rui.* /var/tmp Remove the SSL certificates with the command:rm /etc/vmware/ssl/rui.* Restart the host's Management agents. For more information, see Restarting the Management agents on an ESXi or ESX host (1003490).Notes: Restarting the Management agents of the ESX host regenerates the ESX host's self-signed certificates. To recreate the certificates for ESXi hosts, run this command:/sbin/create_certificates To recreate SSL certificates in ESXi 4.1, run this command: /sbin/generate-certificates.sh To recreate SSL certificates in ESXi 5.x, run this command:/sbin/generate-certificates Connect the host to vCenter Server.
Related Information
Restarting the Management agents in ESXi
