Certificate Error During Datastore Upload

I have recently rebuilt my home lab – an all too common occurrence due to the number of times I intentionally try to break things. In the process of rebuilding, I had some ISO files I wanted to copy over to a datastore. The process failed and the Web Client greeted me with an uncharacteristically long error message.

The exact text reads:

“The operation failed for an undetermined reason. Typically, this problem occurs due to certificates that the browser does no trust. If you are using self-signed or custom certificates, open the URL below in a new browser tab and accept the certificate, then retry the operation.”

In my case, the URL that it listed was to one of my ESXi hosts in the compute-a cluster called esx-a2. The error then goes on to reference VMware KB 2147256.

It may seem odd that the vSphere Client would be telling you to visit a random ESXi host’s UI address when you are trying to upload a file via vCenter. But if you stop to think about it for a second, vCenter has no access whatsoever to your datastores. Whether you are trying to create a new VMFS datastore, upload a file or even just browse, vCenter must rely on an ESXi host with the necessary access to do the actual legwork. That ESXi host then relays the information back through the Web Client.

vCenter Server will broker the initial connection between your client workstation and the ESXi host, but ultimately, the client machine must be able to access the ESXi host vCenter has selected via HTTPS. If your lab is like mine, self-signed certificates are everywhere and ESXi is no different. I had visited the vSphere Client UI on several of my hosts since the rebuild, but esx-a2 was not one of them.

As you can see above, the self-signed certificate is not trusted in Firefox. If the browser disallows HTTPS to esx-a2, the file upload can’t proceed. Once I added an exception, I was able to upload my file successfully: