Skip to content

Citrix Studio Hypervisor Connection Error – Cannot connect to the VMWare vCenter Server due to a Certificate Error

When trying to configure a VMware vCenter based hypervisor connection within Citrix Studio in order to gain access to its resources, i.e. attached storage, et al, and utilize either PVS and/or MCS for VM management, you might receive the following error in case a self-signed certificate is in place on the vCenter server:

"Cannot connect to the vCenter server due to a certificate error. Make sure that the appropiate certificates are installed on the vCenter server, and install the appropiate certificates on the following machines: <FQDN XD Controller>"

citrix_studio_icon

To remedy this issue you have to install the issuer’s certificate on the XD 7.x Controller within the Third-Party Root Certification Authorities certificate store.  The corresponding certificate can be found on the Virtual Center Server under C:\ProgramData\VMware\VMware VirtualCenter\SSL and is usually named cacert.pem.

Note: for Windows Servers prior to 2008 the file location is C:\Documents and Settings\All Users\Application Data\VMware\VMware VirtualCenter\SSL

Note: in case your vCenter Server is based on a Linux Appliance instead of Windows Server pls read this blog article.

citrix_studio_ssl_2

In order to import it onto your XD 7.x Controller launch a MMC and add the Certificates snapin for your Local Computer and expand Third-Party Root Certification Authorities > Certificates.

With corresponding administrative privileges you can directly navigate to \\<FQDN of vCenter server>\C$\ProgramData\VMware\VMware VirtualCenter\SSL and select the required certificate; make sure you select All Files (*.*) to display pem file extensions as well:

citrix_studio_ssl_4

Complete the Certificate Import Wizard:

citrix_studio_ssl_5

Make sure to select the right certificate store by browsing to Third-Party Root Certification Authorities and click Next:

citrix_studio_ssl_6

citrix_studio_ssl_7

After that copy the newly imported certificate to the Trusted Root Certification Authorities certificate store as well:

citrix_studio_ssl_8

Now you should be able to succesfully connect to your vCenter Server with Citrix Studio. Simply verify by navigating to your vCenter Server's URL https://<FQDN of vCenter Server>/ with IE and make sure no certificate warnings show up:

citrix_studio_ssl_9

Now connect Citrix Studio to https://<FQDN of vCenter Server>/sdk with appropiate administrative privileges:

citrix_studio_ssl_10

All done!

Further reading:

Leave a Reply