Hyper-V virtual machine connection failed – Authentication certificate issues
We run a lot of virtual machines at Black Marble. Our virtual machines run on Hyper-V and we’ve got things setup so we can connect to them from desktop machines within Black Marble. I was a little perturbed therefore when I got the following error shown when I tried to connect to one of the virtual machines in use:
Interestingly, this only occurred on one of the servers we run; connections to virtual machines on other servers worked fine. In addition, after RDPing onto the Hyper-V server itself, I still wasn’t able to make connections to those guest machines from the host machine itself via Hyper-V manager.
The problem occurs because the self generated certificate Hyper-V manager uses when communicating with the guest machines had expired. The steps to solve the problem are:
- On the server affected, stop the Hyper-V Virtual Machine Management service
- Open MMC and add the certificates add-in; select ‘Service Account’ from the list of options, then ‘Local Computer’, then select ‘Hyper-V Virtual Machine Management’ from the list of services available
- Expand vmms\Personal in the left pane of the certificates window and then click on the ‘Certificates’ folder immediately underneath it
- Double-click on the certificate in the right pane of the certificates window (note that it should say ‘issued to’ and ‘issued by’ the host machine) and examine the expiry date
- Close the certificate window, right-click on the certificate in the right pane of the certificates window and select ‘Delete’
- Restart the Hyper-V Virtual Management service
- If you wish to check the validity of the certificate that will have just been created, refresh the certificates window and examine the certificate as before
Update (3rd March 2009): There is now a hotfix to correct this issue for Hyper-V, KB967902.
Technorati Tags: Hyper-V,certificates,virtual machines,remote management