Symptom
Error Code 91:50: Unable to connect to Virtual Machine host [...] as user [...].
Cause
There is a change introduced by Microsoft for certificates.
From the vsbkp.log located on the server where the Virtual Server Agent is installed:
1724 a28 10/10 18:02:29 36080 CVMWareInfo::Connect() - Connecting to Url=[https://server.company.com/sdk] User=[domain\userid] 1724 1 10/10 18:02:41 36080 ### CVIWrapper::Connect --- Connection failed with [Connect failed System.Net.WebExceptionSystem.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure. at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result) at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size) at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size) at System.Net.ConnectStream.WriteHeaders(Boolean async) --- End of inner exception stack trace --- at System.Web.Services.Protocols.WebClientProtocol.GetWebResponse(WebRequest request) at System.Web.Services.Protocols.HttpWebClientProtocol.GetWebResponse(WebReque st request) at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters) at VimApi.VimService.RetrieveServiceContent(ManagedObjectReference _this) at VISDKWrapper.SvcConnection.Connect(String url, String username, String password) at VISDKWrapper.CVIWrapper.Connect(String strUrl, String strUser, String strPwd)] 1724 a28 10/10 18:02:41 36080 CVMWareInfo::Connect() - VISDKCppBridge::Connect failed 1724 a28 10/10 18:02:41 36080 vsbkp::addVMsAsSimpanaClients() - Failed to connect to server [server.company.com domain\userid]
Resolution
Ensure that the proxy is able to communicate with the host and that the user account and password are correct.
Please review the following links:
-
Microsoft Security Advisory (2661254): Update For Minimum Certificate Key Length
-
Microsoft Security Advisory: Update for minimum certificate key length.
Follow the instructions in the following sections under "Resolutions" in this article:
-
Increase the key size for certificate issued through certificate autoenrollment.
-
Allow key lengths of less than 1024 bits by using registry settings.
-
For VMware please review: