VMware vCenter Server rescan failed with “Could not create SSL/TLS secure channel” error

KB ID: 2670
Product: Veeam Backup & Replication
Version: all
Published:
Last Modified: 2018-06-18

Challenge

When trying to add or to rescan VMware vCenter Server you get the “The request was aborted: Could not create SSL/TLS secure channel” error message in Veeam shell. 

Cause

The issue will happen during TLS handshake between Veeam server and VMware vCenter Server if its certificate signature is generated by algorithm which is not supported by OS of Veeam server.
Following OS are affected: Windows Server 2008R2, Windows Server 2012, Windows Server 2012R2.
Wireshark analysis example: https://blogs.msdn.microsoft.com/friis/2012/08/29/tls-1-2-handshake-failure/
 

Solution

Please install this Microsoft update to resolve the issue:
https://support.microsoft.com/en-us/help/2973337/sha512-is-disabled-in-windows-when-you-use-tls-1-2
You can also add the necessary signature and hash algorithm manually in registry:
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Cryptography\Configuration\Local\SSL\00010003
Value: Functions

Reboot Veeam server to apply changes.
 

Rate the quality of this KB article: 
5 out of 5 based on 3 ratings

Couldn't find what you were looking for?

Below you can submit an idea for a new knowledge base article.

Request new content