Discussions specific to the VMware vSphere hypervisor
Post Reply
scottlee
Lurker
Posts: 2
Liked: never
Joined: Apr 08, 2015 3:29 pm
Contact:

VixDiskLib connection error

Post by scottlee » Apr 08, 2015 3:36 pm

Hello,
I have installed Veeam v7 in our infrastructure. Previously, we had disabled SSLv3 on our vCenter via editing the tomcat-server.xml file and one other file (I can't remember which at the moment) to disable SSLv3 on ports 443 and 9443. Veeam is working right now, but always fails on hotadd and fails over to NBD. I see in the logs a 'HttpConnectionPool-000000' error where it says Connect failed to <cs p:0000000001277a20, TCP:vcenterhostname:443> SSLException. However, backups do succeed carefully. I was wondering:

I read that Veeam does not yet support the VDDK 5.5.4, which has support for TLS1. So, it uses SSLv3 by default. However, if we had disabled SSLv3 on port 443 on vCenter, will this cause hotadd to fail? Why would hotadd fail but the backup proceed, if it in fact cannot connect to vcenter? It does say it eventually connects to vcenter, is it failing over to port 80 or something?

Vitaliy S.
Product Manager
Posts: 22301
Liked: 1414 times
Joined: Mar 30, 2009 9:13 am
Full Name: Vitaliy Safarov
Contact:

Re: VixDiskLib connection error

Post by Vitaliy S. » Apr 08, 2015 7:45 pm

Hello,

Can you please tell us why did you disable SSLv3? Can't comment on why you have this error message (further logs review is required here), so please let our support team take a look them. Also do you see the same behavior with v8?

Thank you!

Gostev
SVP, Product Management
Posts: 24019
Liked: 3254 times
Joined: Jan 01, 2006 1:01 am
Location: Baar, Switzerland
Contact:

Re: VixDiskLib connection error

Post by Gostev » Apr 09, 2015 12:26 am 1 person likes this post

Because of this:
Image

scottlee
Lurker
Posts: 2
Liked: never
Joined: Apr 08, 2015 3:29 pm
Contact:

Re: VixDiskLib connection error

Post by scottlee » Apr 09, 2015 6:22 pm

Exactly! We got a directive from our security team/customer that SSLv3 is no longer secure, and that we'd have to disable it everywhere. On the vCenter server, I tried to re-enable SSLv3, but can't remember exactly how it's done. I know how to turn it off on the web client (tomcat-server.xml), but that's 9443, not 443 like I think the job references. I searched VMware, but it appears that they have deleted the KB that I originally got the information from: kb2093354. Would anybody happen to know the steps needed to take?

Post Reply

Who is online

Users browsing this forum: denis.belimenko, Google [Bot], mazl7 and 30 guests