VMware Cloud Community
fcoa
Contributor
Contributor
‎06-09-2011 12:17 PM

Issue Replacing vCenter 4.0 Certificate (PFX file)

We're attempting to replace the vCenter 4.0 self-signed SSL certificate with an Enterprise CA certificate.  Unfortunately, it seems there's an issue with vCenter/Tomcat and PFX files created with OpenSSL v1.0.0 or higher (http://kb.vmware.com/kb/1025966).  When we attempt to utilize an earlier version of OpenSSL (v0.9.8h) as recommended, openssl.exe crashes when attempting to generate the PFX.   We've attempted this on two different WinXP devices (one physical, one vm).

Except for the Tomcat dependent components mentioned in KB1025966, vCenter works fine.  So, the new certificate is working.

I've also tried "increasing the maximum memory pool value" as described in the KB1025966, to no avail.  

Any thoughts?

0 Kudos
2 Replies
fcoa
Contributor
Contributor
‎06-09-2011 12:19 PM

PS- We referenced two support documents (URL's below) for this process and started with the latest available version of OpenSSL for Windows Light (v1.0.0d).

Reference Support Documents:

http://www.vmware.com/pdf/vsp_4_vcserver_certificates.pdf (Pg 3 - 5)

http://community.citrix.com/display/ocb/2010/08/09/Secret+to+getting+VirtualCenter+to+use+an+Enterpr...

0 Kudos
fcoa
Contributor
Contributor
‎07-12-2011 06:21 AM

This issue was resolved after upgrading vCenter Server (4.0) to Update 3.

0 Kudos