I just wanted to make people aware of a new VMware Knowledge Base (KB) article that has been published regarding Log Insight 2.0.
Upon upgrading, some people who had vSphere integration configured received a failed to collect notification and some who added new vSphere integration received an error. In both situations, a SSL error message is seen:
HTTP transport error: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificates does not conform to algorithm constraints
The issue has to do with vCenter Server 4.x instances that have been upgraded to vCenter Server 5.x. In vCenter Server 4.x, a 512-bit SSL key was used while vCenter Server 5.x uses a 1024-bit key (for security reasons). When vCenter Server is upgraded, the SSL certificate is not modified. Log Insight 2.0 requires at least a 1024-bit key for security reasons. The solution is to upgrade the SSL certificate on your vCenter Server instances, which is a great security practice anyway. For more information see this KB.
© 2014, Steve Flanders. All rights reserved.