XenDesktop Studio error : Unable to contact the hypervisor

Hypervisor: vSphere 5.x / ESXi 5.x
Desktop Virtualization software: XenDesktop 5.x
Error: Unable to connect to hypervisor….while connecting to the vcenter server using the Xendesktop deployment wizard
When configuring initial connectivity between XenDesktop and vSphere hypervisor, HTTPS communication is required for secure communication between the XenDesktop Desktop Delivery Controller (DDC) and the vCenter server. The default certificates that are provided with vSphere do not support communication with the DDC. In order to properly configure and secure communication, we need to use certificates that are signed by a commercial Certificate Authority (CA) or self-signed certificates on the vCenter server systems and the XenDesktop DDC.
Due to the mismatch in the vcenter server address (FQDN) in the certificate, the xendesktop was unable to communicate to the vcenter server throwing SSL certificate error. Added the below line in the Xendesktop Controller(aka DDC) server host file – C:\Windows\System32\drivers\etc\hosts (open with notepad and edit the file)
<vCenter Server IP Address> <hit tab key> <vCenter Server FQDN>
So address in XD should be in the format https://<ControllerFQDN or IPAddress>/sdk .
Alternate troubleshooting thoughts to fix this from vCenter certificate perspective is based on your situation:
  • Add <vCenter Server FQDN> as a CNAME (aliases) in DNS for the vcenter server
  • Add <vCenter Server FQDN> as one of the names in the certificate route field (SAN=subject alternate name)
  • Issue a new SSL certificate with the correct name for vcenter Server (appropriate FQDN and/or aliases (if any)
vSphere – Specific Issues (http://support.citrix.com/article/CTX131512 )
If you are attempting to use HTTPS to communicate with vSphere, you must ensure that an appropriate SSL certificate is trusted by every XenDesktop Controller in the site. Details on how to do this if you are using the default vCenter certificate can be found in the product documentation.
If you are attempting to use HTTP to communicate with vSphere, ensure you have modified the vCenter configuration appropriately. Details on how to do this can be found in CTX125578 – XenDesktop Error: The hosting infrastructure could not be reached at the specified address
Ensure you are attempting to communicate with vCenter, not directly with an instance of ESXi.
Ensure that the URL you have specified for vCenter ends in /sdk, unless you have reconfigured your vCenter to use a different path.
[Lines in RED were important for us to know if vCenter server or ESXi host was required by Xen DDC to connect.]
To protect vSphere communications, Citrix recommends that you use HTTPS rather than HTTP. HTTPS requires digital certificates. Citrix recommends you use a digital certificate issued from a certificate authority in accordance with your organization’s security policy. If you are unable to use a digital certificate issued from a certificate authority, and your organization’s security policy permits it, you can use the VMware-installed self-signed certificate, with vSphere 4 or 4.1. To do this, login (RDP) to the XenDesktop Controller (aka DDC) and follow the below steps on the server itself:
  • Add the fully qualified domain name (FQDN) of the computer running vCenter Server to the hosts file on that server, located at %SystemRoot%/WINDOWS/system32/Drivers/etc/. Note that this step is required only if the FQDN of the computer running vCenter Server is not already present in the domain name system.
  • Open Internet Explorer and enter the address of the computer running vCenter Server as https://FQDN.
  • Accept the security warnings.
  • Click the Certificate Error in the Security Status bar and select View certificates.
  • Click Install certificate, and then click Next.
  • Select Place all certificates in the following store, and then click Browse.
  • Select the Show physical stores check box.
  • Expand Trusted People and select Local Computer.
  • Click OK, and then click Finish.
Citrix edocs reference – http://support.citrix.com/proddocs/topic/xendesktop-rho/cds-vmware-rho.html 

About cloudray

Predominantly based around Virtualization, but will include other technology related information and anything else I find interesting and feel the need to share with you. I also use this Blog as both a place to store useful information that I think that will come in handy to me at some point in the future, and also a place to help aid my learning. I find a great way to learn about something is to research about it and then write it up in my own words. I'm Pushpal Ray, from India. As a certified VCP3/4/5 professional, I am currently working as an Independent Consultant. Over 10 years of IT-industry experience, currently focused around the Desktop Virtualization(End-User Computing). I also have extensive experience in Windows Administration, Datacenter Migration, Workload profiling & benchmarking. At my leisure, I enjoy hiking, running, photography, spend hours in my fav coffee shop & spend quality time with my wife. Occasionally, catch up with few friends for a drink!
This entry was posted in Desktop Virtualization, Enterprise Virtualization, XenDesktop and tagged , . Bookmark the permalink.

5 Responses to XenDesktop Studio error : Unable to contact the hypervisor

  1. lol says:

    I’ve found that I was only able to do this portion: “Expand Trusted People and select Local Computer.” by logging in as the local administrator, once i did this it gave me the option for local computer to save cert. THanks for the write up.

  2. Saidi Mwazola says:

    Thanks mate! You saved my day!

  3. Diego Bordini says:

    Hello, how are you? I had a question…I miss my vcenter and, I had build e new vcenter. After this, my XD7.1 miss the relationship with new Vcenter. I use HTTP conections. I change the proxy.xml to able http conections, but, not work. I read in some places can be certificate issue. The simple task is re-import the certificate from new vcenter into XD7…but, how I can do this? Tks a lot

  4. Wahid Mirza says:

    Awesome, after spending a day I finally able to fix my issue. Keep up the good work my friend.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s