VMware Cloud Community
rotenstern
Enthusiast
Enthusiast
‎06-25-2013 09:59 AM

SSL VUM

Hello, help please. I tried to change VUM (4.1) SSL certificate. Was guided by Replacing SSL certificates for VMware vCenter Update Manager by using the Update Manager Utility (1023011). But the certificate on the 8097 port all the same didn't change. What shall I do? Also prompt please the document for the esx host 4.1 ssl cert updating.Thnx

Tags (2)
0 Kudos
6 Replies
admin
Immortal
Immortal
‎06-30-2013 08:34 PM

I would recommend rather reinstalling the VMs since there is no data loss and less wastage of time

0 Kudos
raog
Expert
Expert
‎07-01-2013 01:28 AM

I assume the service was restarted? Also when you say port 8097, are you using custom ports? Is the cert replaced correctly when you try to connect via the vsphere client?

Regards

Girish

To Virtualization and beyond! PS::If you felt the answer as helpful, please mark it as helpful/answered so that it helps other users as well! Blog:: www.virtualtipsntricks.com
0 Kudos
rotenstern
Enthusiast
Enthusiast
‎07-01-2013 08:44 AM

Hi, thnx for reply. Of course the service was restarted. I repeated several times. In vcenter is no errors are present. Update manager works operationally. But my scanner of vulnerabilities swears on this port. I come via the browser on this port and I see that the certificate old.

0 Kudos
raog
Expert
Expert
‎07-01-2013 09:17 PM

Port details are given here:

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=101238...

Also looks like this is not supported in VUM:

VMware KB: Replacing SSL certificates for VMware vCenter Update Manager by using the Update Manager ...

"You cannot replace the SSL certificates that Update Manager uses on port 9087 when importing offline bundles or upgrade release files."

Regards

Girish

To Virtualization and beyond! PS::If you felt the answer as helpful, please mark it as helpful/answered so that it helps other users as well! Blog:: www.virtualtipsntricks.com
rotenstern
Enthusiast
Enthusiast
‎07-02-2013 12:15 AM

I am sorry, probably I didn't notice when read. That is not to change this certificate at all?And how to change algorithms of enciphering?

0 Kudos
raog
Expert
Expert
‎07-02-2013 12:23 AM

The product documentation is lacking IMO. Most info is always found in some random KB Smiley Happy

Anyways, you cant change it(algos/cert). Even if you replace the VUM cert, this is not going to affect the cert being used on 9087. 

Regards

Girish

To Virtualization and beyond! PS::If you felt the answer as helpful, please mark it as helpful/answered so that it helps other users as well! Blog:: www.virtualtipsntricks.com
0 Kudos