VMware Cloud Community
pratap533
Contributor
Contributor
‎06-04-2012 03:48 AM

recreating the server certificate of esxi server.

I have installed vmware esxi server in vmware workstation on my machine.

In general it takes one ip addresses of dhcp configuration.It has the server cerification.In otherwords to call the server https://10.100.13.36 is the format we should use.

can we recreate the certificate of that server.(Because every vmware server takes the same certificate..i guess) my machine ip address is 10.100.13.113 can we recreate the certificate from my machine(i.e from 10.100.13.113)(java program or with any other tool)

Thank you..

Tags (1)
0 Kudos
3 Replies
schepp
Leadership
Leadership
‎06-04-2012 04:11 AM

Hi,

yes you can create a custom SSL certificate and load it into your ESXi server. To create the new certificate you can use a bunch of different tools, like openssl. Googling for "create custom SSL certificate" will offer you lots of articles on how to do it on different systems with different tools.

For loading the new certificate into the ESXi server please take a look at this kb article:

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=100816...

it contains links to the ESXi 4 documentations where the replacing of the SSL certificates is explained.

Regards

pratap533
Contributor
Contributor
‎06-05-2012 04:24 AM

Hi schepp

Thank you for your reply,

I tried to get the following to work.

i knew about openssl and how to create the rui.csr and rui.key from openssl commands along with using openssl.cnf and openssl.exe

But i have some problems with the uploading of those files.

http://www.vmware.com/pdf/vsphere4/r41/vsp_41_esxi_server_config.pdf

page 174
1 Put the host into Maintenance Mode.
2 Use the vifs command to put a copy of the certificate and key files on the ESXi host.
The form this command takes for the certificate and key respectively is:
vifs --server <hostname> --username <username> --put rui.crt /host/ssl_cert
vifs --server <hostname> --username <username> --put rui.key /host/ssl_key
3 Use the Restart Management Agents operation through the direct console to have the settings take effect.
4 Exit Maintenance Mode.
i am not getting how to work with vifs command..actually i tried in google but i am not getting where to use this command.
2nd procedure
Put the host into Maintenance Mode.
2 In your upload application, open the file.
.3 Publish the file to one of these locations.
For certificates, https://hostname/host/ssl_crt.
In the direct console, use the Restart Management Agents operation to have the settings take effect.
Exit Maintenance Mode.
do you have idea on seamonkey upload application ..........are there alternative of this..(meanwhile i work on this..but i am asking as i need this work to be done urgently..sorry)
as i do not have much knowldge on this i am not getting how to upload the certiificate and key
could you tell some suggestions on this.
Thank you in advance.
0 Kudos
schepp
Leadership
Leadership
‎06-05-2012 05:21 AM

Hi,

vifs is a command used within the vMA, the virtual appliance for remote administration of esxi Servers from VMware.

If you don't have a vMA installed in your vSphere environment, you can install the VMware CLI ( Command Line Interface ) on your Windows Desktop to use those commands without it.

If you have a MyVMware profile you can download the VMware CLI here:

http://www.vmware.com/download/download.do?downloadGroup=VCLI41

In the C:\<Installation_dir>\bin there's a vifs.pl which listens to options described in the documentation you linked.

Regards

0 Kudos