vCenter 6.5 Enhanced Authentication Plugin Not Working

Hi all – a new issue has cropped up in the latest (or later) versions of Chrome involving the vCenter Server Enhanced Authentication Plugin.  When navigating to your vCenter Web Client (Flash) page, the browser no longer allows you to check the “Use Windows session authentication” box.  This is, of course, with the assumption that you’ve already installed the plugin and it was previously working.

See the image below:


This turns out to be an issue with self-signed certificates involved with the plugin service itself.  If you press your F12 key while on the https://[vcenter]/vsphere-client/?csp site, you’ll find that behind the scenes Chrome is complaining about a bad cert:

To fix this, you just need to navigate to https://vmware-plugin:8094 and Advanced and then Proceed.

Note:  For this who are interested, the reason your machine is able to resolve https://vmware-plugin is because during the installation of the plugin your hosts file is manipulated to point vmware-plugin to 127.0.0.1

Once you’ve done this, you’ll be able to check the Use Windows session authentication box and carry on as you had previously.  I am not which release of Chrome broke this functionality (for the better, honestly) but I noticed it around Version 58.0.3029.110.

The truth is VMware needs to reissue a certificate that is valid and I am sure they’ll be doing that with the next vCenter announcement.

Let me know if you guys have any issues performing these steps!

Thanks for reading!

Author: Jon

Share This Post On

16 Comments

  1. Hello
    great share.
    In my opinion the most stable cccam are those from Fishbone IPTV cloud
    I would like to see more posts like this
    Thanks

    Post a Reply
  2. Hello
    great share.
    In my opinion the great premium iptv servers are those from fishbone cloud
    I would like to see more posts like this
    Thanks

    Post a Reply
  3. Thanks for this post. There was an additional item to do for FireFox Quantum (version 60) – go to the vCenter’s FQDN in the browser and click the link at the bottom right “Download trusted root CA certificates”. Install the 2 CRT files in the Local Machine in the Trusted Root Certificate Authorities store. Then following your instructions finally got the integration plugin to work.

    Post a Reply
  4. worked like charm 🙂

    Post a Reply
  5. Great spot. Thank you do much for this, Firefox now working, yay!!

    Post a Reply
  6. Thanks.
    Helped in Chrome and in Firefox.

    Post a Reply
  7. This does not work for me.. I have the lines in my host file but when i try to goto the url with or without the port it fails to load page.. doesnt matter if it is firefox or chrome. So not sure what else to try.. Any suggestions? I have confirmed it is installed so it just isnt working as you state it should

    Post a Reply
    • I think I figured out my issue with not being able to goto the url is that when I checked the VMware CIP Message Service was not running even though it was set to automatic. I switched it to auto(delayed) and started it and was able to goto the URL and approve the SSL..

      Post a Reply
      • Hello

        I have done everything that has been suggested here but I still got “This site can’t be reached”.
        Anyone that have some ideas ?

        Post a Reply
        • Have you tried different browsers?

          Post a Reply
          • Absolutely – just in a sort of broken state with all the support for plugins dropping lately.

      • How do I check to see if this is running or not?

        Post a Reply
  8. Very useful. Thank you.

    Post a Reply

Trackbacks/Pingbacks

  1. vCenter 6.5 Enhanced Authentication Plugin not working – $bLOG - […] www.jonkensy.com Author FabianPosted on 2017-08-09Categories VMwareTags cip, eap, vcenter, […]

Submit a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Share This
%d bloggers like this: