Also i dont get part about Step 6 in http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2033588 there is notes:
- Entries for these SSO services:
- Groupcheck: map
/groupcheckto/sso-adminserverto both SSO HA nodes. - LookupService: map
/lookupserviceto both SSO HA nodes. - Security Token Service: map
/imsto both SSO HA nodes. - Admin server: map
/sso-adminserverto/sso-adminserveron the primary node only.
- Groupcheck: map
BUT also: "Because Groupcheck is present on both of the nodes but Admin server is only present on the primary node, do not use the same path for Groupcheck and Admin server." so how should i understand it?
I take the .pem file (not root cert how its described in the article, i asked about this in the 1st post) and made .properties files and *_id files AND without JAVA_HOME variable i get:
D:\Program Files\VMware\Infrastructure\VMware\CIS\vmware-sso>ssolscli.cmd update
Service -d https://vsso1.mfc22.local:7444/lookupservice/sdk -u Administrator@vsp
here.local -p ********* -si C:\SSOHA\sts_id -ip C:\SSOHA\sts.properties
Intializing registration provider...
Getting SSL certificates for https://vsso1.mfc22.local:7444/lookupservice/sdk
Service with name 'STS for Single Sign On' and ID 'MFC-Central-Office:6ba7e702-6
641-4346-97f7-61f6a00412cb' was updated.
Return code is: Success
0
But:
D:\Program Files\VMware\Infrastructure\VMware\CIS\vmware-sso>ssolscli.cmd update
Service -d https://vsso1.mfc22.local:7444/lookupservice/sdk -u Administrator@vsp
here.local -p ********* -si C:\SSOHA\admin_id -ip C:\SSOHA\admin.properties
Intializing registration provider...
Getting SSL certificates for https://vsso1.mfc22.local:7444/lookupservice/sdk
Error communicating to the remote server https://ssoloadbalancer.mfc22.local:744
4/sts/STSService/vsphere.local
com.sun.xml.internal.ws.client.ClientTransportException: HTTP transport error: j
ava.net.ConnectException: Connection refused: connect
at com.sun.xml.internal.ws.transport.http.client.HttpClientTransport.get
Output(Unknown Source)
at com.sun.xml.internal.ws.transport.http.client.HttpTransportPipe.proce
ss(Unknown Source)
at com.sun.xml.internal.ws.transport.http.client.HttpTransportPipe.proce
ssRequest(Unknown Source)
at com.sun.xml.internal.ws.transport.DeferredTransportPipe.processReques
t(Unknown Source)
at com.sun.xml.internal.ws.api.pipe.Fiber.__doRun(Unknown Source)
at com.sun.xml.internal.ws.api.pipe.Fiber._doRun(Unknown Source)
at com.sun.xml.internal.ws.api.pipe.Fiber.doRun(Unknown Source)
at com.sun.xml.internal.ws.api.pipe.Fiber.runSync(Unknown Source)
at com.sun.xml.internal.ws.client.Stub.process(Unknown Source)
at com.sun.xml.internal.ws.client.dispatch.DispatchImpl.doInvoke(Unknown
Source)
at com.sun.xml.internal.ws.client.dispatch.DispatchImpl.invoke(Unknown S
ource)
at com.vmware.vim.sso.client.impl.SoapBindingImpl.sendMessage(SoapBindin
gImpl.java:130)
at com.vmware.vim.sso.client.impl.SoapBindingImpl.sendMessage(SoapBindin
gImpl.java:81)
at com.vmware.vim.sso.client.impl.SecurityTokenServiceImpl$RequestRespon
seProcessor.sendRequest(SecurityTokenServiceImpl.java:767)
at com.vmware.vim.sso.client.impl.SecurityTokenServiceImpl$RequestRespon
seProcessor.executeRoundtrip(SecurityTokenServiceImpl.java:697)
at com.vmware.vim.sso.client.impl.SecurityTokenServiceImpl.acquireToken(
SecurityTokenServiceImpl.java:123)
at com.vmware.vim.install.impl.AdminServiceAccess.acquireSamlToken(Admin
ServiceAccess.java:279)
at com.vmware.vim.install.impl.AdminServiceAccess.<init>(AdminServiceAcc
ess.java:170)
at com.vmware.vim.install.impl.AdminServiceAccess.createDiscover(AdminSe
rviceAccess.java:221)
at com.vmware.vim.install.impl.RegistrationProviderImpl.<init>(Registrat
ionProviderImpl.java:56)
at com.vmware.vim.install.RegistrationProviderFactory.getRegistrationPro
vider(RegistrationProviderFactory.java:143)
at com.vmware.vim.install.RegistrationProviderFactory.getRegistrationPro
vider(RegistrationProviderFactory.java:60)
at com.vmware.vim.install.cli.commands.CommandArgumentsParser.createServ
iceProvider(CommandArgumentsParser.java:241)
at com.vmware.vim.install.cli.commands.CommandArgumentsParser.parseComma
nd(CommandArgumentsParser.java:101)
at com.vmware.vim.install.cli.commands.CommandFactory.createUpdateServic
eCommand(CommandFactory.java:351)
at com.vmware.vim.install.cli.RegTool.process(RegTool.java:135)
at com.vmware.vim.install.cli.SsoLsCli.main(SsoLsCli.java:13)
Caused by: java.net.ConnectException: Connection refused: connect
at java.net.DualStackPlainSocketImpl.connect0(Native Method)
at java.net.DualStackPlainSocketImpl.socketConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.doConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.connectToAddress(Unknown Source)
at java.net.AbstractPlainSocketImpl.connect(Unknown Source)
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.SocksSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at sun.security.ssl.SSLSocketImpl.connect(Unknown Source)
at sun.security.ssl.BaseSSLSocketImpl.connect(Unknown Source)
at sun.net.NetworkClient.doConnect(Unknown Source)
at sun.net.www.http.HttpClient.openServer(Unknown Source)
at sun.net.www.http.HttpClient.openServer(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.<init>(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.New(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewH
ttpClient(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(Unknown Sour
ce)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect
(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getOutputStream(Unknown S
ource)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(Unk
nown Source)
... 27 more
Error communicating to the remote server https://ssoloadbalancer.mfc22.local:744
4/sts/STSService/vsphere.local
Return code is: ServiceNotResponding
2