VMware Cloud Community
js40687
Contributor

Reconnect Host after non self signed certificate replaced

Hi,

We have changed the default self-signed certs for internally generated ones. So we have gone from 10-year valid certs down to 2 years, hence having to manage certificate replacement...

So once the host is in Maint mode, I can automate the new cert generation, the copy to the host and the restart of the host...

Once restarted, the host stays disconnected as the SSL certificate is not verified, by design.

So I can automate a reconnect passing credentials, but simply get an error stating "Authenticity of the hosts SSL certificate is not verified".

Has anyone managed to automate accepting that as part of a PowerCLI reconnect script?

Thanks

2 Replies
LucD
Leadership

Has the internal CA that generated that certificate been added to the Trusted Publishers on the VCSA?
Does it work when you do the same action via the Web Client?

Update: see also KB2111219


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

js40687
Contributor

Probably should have mentioned the following too...

This is ESXi 5.5 for the moment, so no VCSA.

If I do it manually in the C# client or the web client I get the same error, but you can click OK and then add credentials, and then the host comes back connected.

Ideally I want to automate the acceptance of the fact that the cert has changed, so I can then automate the reconnect of the host passing the credentials.

Basically I am trying to hand over the task of cert renewal without having to hand over the credentials.

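One way to script the reconnect discussed in this thread, as an added example that is not from either poster: instead of accepting whatever certificate the host presents, it pins the SHA-1 thumbprint of the certificate that was just issued, using the vSphere API's `HostConnectSpec.sslThumbprint` with `ReconnectHost`. The function names, the certificate path and the host name are hypothetical, and an existing `Connect-VIServer` session to vCenter is assumed.

```powershell
# Added example. Function names, paths and host names are placeholders.
# Assumes PowerCLI is loaded and Connect-VIServer has already been run.

function Get-ColonThumbprint {
    param([Parameter(Mandatory)][string]$CertPath)
    # SHA-1 thumbprint of the certificate file you issued for the host,
    # reformatted from "AABBCC..." to "AA:BB:CC...", the form the API expects.
    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 $CertPath
    $cert.Thumbprint -replace '(..)(?!$)', '$1:'
}

function Reconnect-HostPinned {
    param(
        [Parameter(Mandatory)][string]$VMHostName,
        [Parameter(Mandatory)][string]$CertPath,      # local copy of the new host cert
        [Parameter(Mandatory)][pscredential]$Credential
    )

    $spec = New-Object VMware.Vim.HostConnectSpec
    $spec.HostName      = $VMHostName
    $spec.UserName      = $Credential.UserName
    $spec.Password      = $Credential.GetNetworkCredential().Password
    # vCenter compares this value with the certificate the host presents and
    # refuses the reconnect on a mismatch, so nothing is accepted blindly.
    $spec.SslThumbprint = Get-ColonThumbprint -CertPath $CertPath
    $spec.Force         = $true

    $vmhost = Get-VMHost -Name $VMHostName -ErrorAction Stop
    # Blocking call; throws if vCenter rejects the thumbprint or the credentials.
    $vmhost.ExtensionData.ReconnectHost($spec, $null)

    (Get-VMHost -Name $VMHostName).ConnectionState
}

# Constructed usage; the values below are placeholders:
# $cred = Get-Credential
# Reconnect-HostPinned -VMHostName 'esx01.example.local' `
#     -CertPath 'C:\certs\esx01\rui.crt' -Credential $cred
```

The thumbprint is computed from the file that was copied to the host, so a reconnect only succeeds if the host is actually serving that certificate.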