i have installed esxi 41. on vmware workstation.I would like to regenerate the certifcate as my professor asked me to attempt to change the server certiifcate with some modification to the certiifcate.
http://www.vmware.com/pdf/vsphere4/r41/vsp_41_esxi_server_config.pdf
if anybody can tell about the above two procedures i am very happy.
I TRIED THE ALTERNATIVE>
In esxi command shell there is a command /sbin/generate-certificates.sh which generates the cert.cnf on its own and work on its own and regenerate the certificate with openssl command (the script executes all of the command sequenece ) and delete the intermediate files after regeneration of the certification is over.
Now i want the intermediate files cert.cnf( which is same as openssl.cnf for generating rui.csr file from the given rui.key
in general this cert.cnf is used as -config "c:/openssl/ssl/openssl.cnf"................with out this we can not generate the rui.csr file.
But in esxi command shell this is intermediate file from the script of generate-cerificates.sh
in internet searching i got one answer which is the way to get the cert.cnf
1) Get into ESXi's ssh.
2) cp /sbin/create_certificates /tmp
3) cd /tmp ; vi create_certificates # to extract the part that creates cert.cnf, then create cert.cnf
i did not get the 3rd step so i cannot able to do this.
if i am able to create the cert.cnf then it is possible to me to generate the rui.csr file which in turn i can create rui.crt file also
steps are given in internet
1) Generate the “rui.key” file:# openssl genrsa -out /etc/ssl/private/rui.key 10242) Create the certificate signing request:# openssl req -new -text -key /etc/ssl/private/rui.key -out /etc/ssl/rui.csr3) Sign with your own CA. (Or send the file off to your CA.):# openssl x509 -req -text -days 7000 -in /etc/ssl/rui.csr -CA /etc/ssl/CA.crt \-CAkey /etc/ssl/private/CA.key -out /etc/ssl/rui.crt4) Set proper file permissions:# chmod 0400 /etc/ssl/private/rui.keychmod 0444 /etc/ssl/rui.crt5) Copy the files over to the ESXi host and delete the ones just created:# scp /etc/ssl/rui.crt /etc/ssl/private/rui.key esxihost:/etc/vmware/ssl# rm /etc/ssl/rui.crt /etc/ssl/rui.csr /etc/ssl/private/rui.keythe actual step for the 2nd step is
openssl req -new -text -key /etc/ssl/private/rui.key -config "path of the cert.cnf" -out /etc/ssl/rui.csr
then i can get the out of problem with the 2nd step. later i will follow the 3 4 5 steps.
Hi pratap533
In regards to you VIFS Cmmand I am going to update below link hoping that will help you. .