Hi All,
I am brand new to virtualization and I created an ESXi 4.0.0 server, in which
I have hosed a few Micro$oft servers. One of them is a webserver and the other 2 are a domain controller and an Exchange server.
So, I went the normal route and logged into the host OS and created an
SSL certificate request, sent that off to godaddy, received my new certs and
installed them on the guest os virtual server, but when people hit the webserver running, they are
getting a certificate issued by the VMWare server rather than the one
hosted by the Guest OS.
Is there an easy way around this? Can I disbale vmware from doing this
if I know this will be the only SSL cert on that box?
Can I share this cert with the box if it was already generated to be
used on a winsdows 2003 server?
I am starting to get desperate as I cannot find anyone who seems to know how to do this anywhere and my merchant services has cut me off because they say that I am no longer secure. I REALLY need some help in getting this up and running correctly.
Anything else that anyone can please share? Or if anyone would like to
solve this problem for me, I will gladly pay them to log in and do it
Thanks!
Brad
In this particular issue, you can try removing the certficate from Vmware and adding the SSL certificate created by you.
Jay
MCSE,VCP 310,VCP 410
Consider awarding points for "helpful" and/or "correct" answers.
Hi,
AFAIK what are you saying should not be happening in a right scenario.
First you should make the web certificate request inside the guest machine. Not inside the host machine. I guess it's a mistake on your opening discussion writing.
When web clients connect to the https port of your guest machine IP, they must connect to the web server placed in your guest machine. Then in a correct environment it has no sense that they are seeing a ssl certificate made by VMWare.
Maybe you host machine and guest shares the same IP? This is wrong, it's a misconfiguration. Guest must not share IP with the esxi host machine.
Your web clients are connecting to the right IP using dns queries? Maybe are connecting in a wrong way to the esxi host machine instead of the guest machine. This would explain the wrong ssl certification behavior.
Hope this helps
Regards/Saludos,
Pablo
Please consider awarding any helpful answer. Thanks!! - Por favor considera premiar las respuestas útiles. ¡¡Muchas gracias!!
Thank you Jay. I would love to be able to remove the SSL certificate on the HOST machine, so that the GUEST OS can hand out the correct SLL cert. Is there a walkthrough somewheere that I could follow, on how to do this?
Thank you Pablo. My wording was incorrect in the original post. I logged into the GUEST OS to request the certificate and posted it to the GUEST OS. I just thought that the ESXi servber would "know" and let the traffic pass through and grab the right one.
As far as the I.P. addresses go, I only have one single static I.P. address from the outside and the internal ones are completely different. Internally, when I coinnect to the server using vspehere client, I go to 192.168.45.45 and this I consider the "root" or ESXi server. I have set up the webserver to reside at 192.168.45.10 on that machine.
If it would help to visit it and see the certificate that is being issued, the website is http://www.acconia.com.
Thanks again to both of you!
Brad
Thanks!