Skip to main content

Hello,

I'm facing a challenging situation with our Veeam server and vCenter, and I'm seeking assistance to resolve this issue. Here's the scenario:

Our Veeam server is not part of our domain.

Our domain computers are signed with our Domain Controller (DC) as their root certificate.

The vCenter is  not part of the domain.

However, the vCenter certificate is assigned by our DC, which acts as the root certificate authority.

The primary issue arises when attempting to update the vCenter. I encounter an error, and I've attached a screenshot for reference.

Furthermore, it's worth noting that our Veeam server is also not a member of the domain. We are utilizing Veeam Enterprise Manager.

I am seeking guidance on how to resolve this matter. What steps or configurations should I consider to ensure a smooth update process for our vCenter and resolve the certificate-related errors?

Any help or insights would be greatly appreciated. Thank you in advance for your assistance.

 

 

 

Keep in mind this is a Veeam community not VMware for posting for help.

Try this link from VMware KB - https://kb.vmware.com/s/article/93526#:~:text=The%20file%20server%20that%20hosts%20the%20OVF%20and%2For,SSL%20certificate%20is%20not%20trusted%20by%20the%20system.

Also if you use CDP try removing it so the I/O Filter is removed. That was the cause of this for me and then I could upgrade vCenter.


Thank you for your response.

I think it's related to the Veeam server and not VMware, as the error pertains to Veeam.

I have already followed your provider's steps, but the issue still exists.

The CA of vCenter is installed under the Trusted Root CA, but the issue still persists.

 

 


Yes it is related to Veeam and CDP I/O filter possibly.  That is the issue I had and had to remove it from each host and reboot.


noticed that the relationship is between the vCenter and Veeam. We are using Veeam, which is not a member of the domain. I have just removed the plugin from the vCenter, and I am currently rebooting the vCenter. Let's hope it works for now.


noticed that the relationship is between the vCenter and Veeam. We are using Veeam, which is not a member of the domain. I have just removed the plugin from the vCenter, and I am currently rebooting the vCenter. Let's hope it works for now.

It should fix it.


unfortunately the issue still exisit, i cannot seem to find the cause, Why vCenter complaining about VEEAM.
But i'll start talking to vMware

 


unfortunately the issue still exisit, i cannot seem to find the cause, Why vCenter complaining about VEEAM.
But i'll start talking to vMware

 

Again, are you using CDP at all and have the I/O Filter drivers installed in VMware?  That was the cause of my issue with a similar message and once removed that resolved my update problem.  I am sure VMware will help solve it.


Yes we are using CDP and all Drivers are installed and updated.
do you mean remove the I/O on the hosts?

 


Yes we are using CDP and all Drivers are installed and updated.
do you mean remove the I/O on the hosts?

 

Yes, and within the Cluster/vCenter.  This is what caused my upgrade to fail.  I guess one of the downsides to upgrade so quick to U2.  😋


@Chris.Childerhose 

, thank you for your answers. I'm not entirely sure if I understood correctly, but are you suggesting that I should remove the I/O Filters from the vCenter using the Cluster?

When I access the cluster, and navigate to the configuration and I/O filters, I can see the filters with their version numbers, but I don't have any options to remove them.

The installed version is 12.0.1008-1OEM.800.1.0.20613240, as indicated in the attached screenshot.

As far as I know, I/O filters can be uninstalled from VEEAM and not directly from vCenter. If I misunderstood your suggestion, I apologize.

Could you please clarify the steps on how to remove them?


@Chris.Childerhose

, thank you for your answers. I'm not entirely sure if I understood correctly, but are you suggesting that I should remove the I/O Filters from the vCenter using the Cluster?

When I access the cluster, and navigate to the configuration and I/O filters, I can see the filters with their version numbers, but I don't have any options to remove them.

The installed version is 12.0.1008-1OEM.800.1.0.20613240, as indicated in the attached screenshot.

As far as I know, I/O filters can be uninstalled from VEEAM and not directly from vCenter. If I misunderstood your suggestion, I apologize.

Could you please clarify the steps on how to remove them?

Yes, use Veeam console to edit the Cluster and remove the I/O Filter drivers.  Then after that ensure to reboot the hosts so that is gone.  That will fix the upgrade issue with the URL you are seeing.


@Chris.Childerhose thank you i'll go ahead and test it.

this mean we'll have to reinstall it after the update ? otherwise our CDP will stop working.

 


@Chris.Childerhose thank you i'll go ahead and test it.

this mean we'll have to reinstall it after the update ?

Yes, you will if it works with U2.  I have not tested it myself and just left it off for now.  Will probably retest it with 12.1 when it comes out.


@Chris.Childerhose what are you using for replication? are you using VEEAM Replication instead of CDP?

 


@Chris.Childerhose what are you using for replication? are you using VEEAM Replication instead of CDP?

 

I did test CDP and have used both for Veeam. They are for different situations as well.


I removed the CDP I/O and rebooted the hosts; however, the issue still persists. The system is continuing to generate complaints. I've already rebooted both the vCenter and ESXi servers, but the problem remains unresolved.


I removed the CDP I/O and rebooted the hosts; however, the issue still persists. The system is continuing to generate complaints. I've already rebooted both the vCenter and ESXi servers, but the problem remains unresolved.

That is weird. Is the I/O filter showing at the cluster level or any host still?  I know once I did this I was able to upgrade.  Unsure now but a support case with VMware maybe.


I removed the CDP I/O and rebooted the hosts; however, the issue still persists. The system is continuing to generate complaints. I've already rebooted both the vCenter and ESXi servers, but the problem remains unresolved.

That is weird. Is the I/O filter showing at the cluster level or any host still?  I know once I did this I was able to upgrade.  Unsure now but a support case with VMware maybe.

At the cluster level, the CDP I/O has been removed, and I've already rebooted the vCenter, VEEAM, and all the hosts. However, the I/O issue is persisting. I'm currently in contact with VMware support, and their suggestion is to deploy a new vCenter and migrate the configuration to the new vCenter. This issue continues to baffle us.

 

when i access the veeam 

https://veeam:33034/ its errors out over SSL i beleive the issue is related to veeam.

but when i access https://veeam:9443/ the certificate is accepted.

so i think the veeam is using the wrong protocol.

 


You can always try this on the hosts - https://www.42u.ca/2021/01/14/manually-removing-i-o-filters-from-vsphere/#:~:text=In%20short%3A%201%20put%20your%20host%20into%20maintenance,out%20of%20maintenance%20mode%20%E2%80%93%20no%20reboot%20required

It works as I used it on mine.


i have already followed those steps.

when i run esxcli software vib remove -n veecdp

esxcli software vib remove -n veecdp [NoMatchError] No VIB matching VIB search specification 'veecdp'. Please refer to the log file for more details. the CDP start acting strange after we removed the Veeam from the domain


i have already followed those steps.

when i run esxcli software vib remove -n veecdp

esxcli software vib remove -n veecdp [NoMatchError] No VIB matching VIB search specification 'veecdp'. Please refer to the log file for more details. the CDP start acting strange after we removed the Veeam from the domain

Well best to stick with support at this point.


Comment