Windows vCenter 5.5 Update 3 and VMware vRealize Orchestrator 7.0.1 vapp. The vcenter webclient can not talk to the Orchestrator (so you can run workflows from within the web client and not vRo java client).
- Orchestrator can see the 5.5 vCenter in vRO WorkflowDesigner.
- Restarting the vcenter web client service and even the entire VC VM does not help
- vCenter plug-in (Home -> Configuration > Solutions/Client Plug-Ins) is enabled for vRO.
https://VC_FQDN/mob/?moid=ExtensionManager&doPath=extensionList%5b”com%2evmware%2evco”%5d%2eclient
shows the correct information for the vRO vapp.
vCO has SSLv3 and TLSv1 disabled. It turns out the web client uses these to connect to vCO. Enabling on SSLv3 on vCO would bring back the POODLE vulnerability. I would advice NOT to do this, but here are the steps anyways.
This is following parts of Enabling and Disabling SSLv3 support in vCenter Orchestrator 4.2.x and later (2103393)
SSH into the vRO VM.
cp /etc/vco/app-server/server.xml /etc/vco/app-server/server.xml.bak
vi /etc/vco/app-server/server.xml
Old: sslEnabledProtocols= TLSv1.1, TLSv1.2″
New: sslEnabledProtocols=SSLv3, TLSv1, TLSv1.1, TLSv1.2″
service vco-server restart
