1 Reply Latest reply on Mar 30, 2018 3:32 AM by MohamadAlhoussein

    Create new certificate when using load balancer with external PSC

    derrellb Lurker

      We are installing a greenfield environment where we want to have our PSC's and our vCenters both in HA.  In order to do that we need a load balancer for the vCenters to point to.


      Everything I am reading is saying that I need to create a new certificate for my PSC's to now include the load balancer (KB 2147018)


      If a new certificate is not needed then thats awesome!  If it is needed, I need a little help!


      The directions seem pretty straight forward...or so it seems.  I have never done this before  VMware so my Linux is not the best.


      1.  Create a certificate request - It tells me to open any text editor and use the text VMware provided and fill in the gaps.  Easy enough.

      2.  Run the OpenSSL command to create the .CSR file from the .CFG I created via the text editor - when I run this command it says that the file or directory does not exist.


      openssl req -new -nodes -out /certs/psc-ha-vip.csr -newkey rsa:2048 -keyout /certs/psc-ha-vip.key -config /certs/psc_ha_csr_cfg.cfg


      First off, there is no /certs directory on the PSC.  If I read through the windows vCenter instructions, it says to create that /certs folder.  Ok, that is done.  I can now do a ls / command and see the /certs folder there.  Beyond that, I am not sure how to bring the .cfg file into the /certs folder on the PSC to start the second step.  You cant see that deep in the datastore when I browse.  I am not sure what command is needed to move that .cfg file from my laptop to the /certs directory on the PSC.


      The rest of the instructions seem fairly simple once I get the files I need in place.


      Any help would be greatly appreciated.