Be Mindful of vSphere Client Versions When Working with OVAs

A colleague of mine was working with an OVA had used several times before.  After upgrading ESXi with the Heartbleed patches (5.5 Update 1a) he found that he received a generic connection failed error when uploading the OVA.

(Note:  in this drill there is no vCenter but we were connecting directly to the ESXi host)

I noticed that his vSphere client was a slightly older build — pre Heartbleed but new enough that it would appear to work fine with the 5.5 host. Knowing that Heartbleed is about SSL I recommended that he update the vSphere client to the same build that was released with the Heartbleed patch.  This changed the error but did not fix the problem. Not sure what the exactly underlying issue is but the existing OVAs (that were created with 5.5) could no longer be deployed.

Using the latest vSphere client he tried exporting the source VMs into a new OVA and was able to import with no issues.

I’m not sure of the exact interaction but I’m assuming that the OVAs are signed with the private key and that somehow the Heartbleed patch “breaks” some interaction here such that the OVA is not accepted. Perhaps there will be a KB on this in the future but for the time being make sure that you have the latest build of the vSphere Client when creating and importing OVAs.

One Response to Be Mindful of vSphere Client Versions When Working with OVAs

  1. Zoe says:

    Hello i am so delighted I devcosired your blog, I actually devcosired you by error, while I was searching Yahoo for something else, Anyways I am here now and would just like to say thanks for a great blog posting and a all round absorbing blog (I also love the theme/design), I do not have time to read it all at the right now but I have bookmarked it and also added your RSS feeds, so when I have time I will be back to read more,

Leave a Reply

Your email address will not be published. Required fields are marked *