HI all,
I'm looking to automate SSL Cert on PSC appliance 6.5 . I tried couple of powershell functions , no help so far. May i know any one did PSC SSL cert installation automated way .
Thanks
Ajay
Which functions did you try?
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
I tried to send series of inputs to appliance from power-shell to bash ( PSC Appliance).These become singular way of communication , i'm looking for stable process.
Invoke-SSHCommand
VMKeystroke
Invoke-VMScript
Invoke-webrequest ( planning to hit PSC appliance- not done yet)
Note: i already have my root certs with me & trying Hybrid SSL install
I'm able to use Invoke-VMScrip tot call the dir-cli command.
Which seems to indicate I can use the commands from Use Third-Party Certificates With vSphere to replace certificates.
$vcsaName = 'MyVCSA
$ssoUser = 'administrator@vsphere.local'
$ssoPswd = 'VMware1!'
$user = 'root'
$pswd = 'VMware1!'
$vm = Get-VM -Name $vcsaName
$code = @"
/usr/lib/vmware-vmafd/bin/dir-cli trustedcert list --login $ssoUser --password $ssoPswd
"@
Invoke-VMScript -VM $vm -GuestUser $user -GuestPassword $pswd -ScriptText $code -ScriptType Bash
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
I tried like below one passing singular code. It is not working for interactive scripts Example: open /usr/lib/vmware-vmca/bin & open ./certificate-manager and pass inputs to it. Along with that we can't enter inside folder and do our operation, it is always in root folder .Example : create folder ( works), enter inside folder ( not works) .
Thanks
Ajay Vaaka
Why would the creation of a folder and going to that folder not work? Works for me.
Can you show us the code you used?
And of course interactive scripts don't work as-is, but you can use redirection and the pipeline to feed answers to commands.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
This is what i'm looking for exactly "you can use redirection and the pipeline to feed answers to commands".
Can you please give me an example . I'm trying to replace custom certs ( run ./certificate-manager , pipeline to feed answers to commands : 2(replace certs), credentials, cert location )
Folders creation is to store my custom certs and going inside folder and check that uploaded certs ( i will double check on it )
Thanks
Ajay
Is there a reason why you would not use dir-cli ?
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
never tried. i will look on it.
we are not using dir-cli, we don't have root.key .Getting root key seems big task in my organization.
Below is what i'm planning to accomplish as temporary solution for SSL Cert for PSC. still interactive session from ./certificate-manager still present.any suggestions.
connect-viserver -Server $vcenter -User $user -Password $pwd
$vm = Get-VM -Name VMname
$commands = @"
shell
chsh -s "/bin/bash" root
mkdir /machine_ssl
cd /machine_ssl
wget --no-parent -nH --cut-dirs=2 -r CertLocation
cd /usr/lib/vmware-vmca/bin
./certificate-manager
1
$ssoUser
$ssopswd
2
machine cert location
machine key location
root cert location
Y
service-control --stop --all
service-control --start --all
"@ -split "`n"
wait
foreach ($command in $commands)
{
write-host "Performing $command "
Invoke-VMScript -VM $vm.Name -GuestUser $user -GuestPassword $pswd -ScriptText $command -ScriptType Bash
}
Thanks
Ajay