VMware vCenter Server rescan failed with “Could not create SSL/TLS secure channel” error

KB ID: 2670
Product: Veeam Backup & Replication
Version: all
Published:
Last Modified: 2018-06-18

Challenge

When trying to add or to rescan VMware vCenter Server you get the “The request was aborted: Could not create SSL/TLS secure channel” error message in Veeam shell. 

Cause

The issue will happen during TLS handshake between Veeam server and VMware vCenter Server if its certificate signature is generated by algorithm which is not supported by OS of Veeam server.
Following OS are affected: Windows Server 2008R2, Windows Server 2012, Windows Server 2012R2.
Wireshark analysis example: https://blogs.msdn.microsoft.com/friis/2012/08/29/tls-1-2-handshake-failure/
 

Solution

Please install this Microsoft update to resolve the issue:
https://support.microsoft.com/en-us/help/2973337/sha512-is-disabled-in-windows-when-you-use-tls-1-2
You can also add the necessary signature and hash algorithm manually in registry:
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Cryptography\Configuration\Local\SSL\00010003
Value: Functions

Reboot Veeam server to apply changes.
 

How helpful is this article: 
5 out of 5 based on 3 ratings

Couldn't find what you were looking for?

Below you can submit an idea for a new knowledge base article.

Request new content

Report a typo on this page:

Please select a spelling error or a typo on this page with your mouse and press CTRL + Enter to report this mistake to us. Thank you!

Orphus system