we have changed the default self signed certs for internal generated ones. So we have gone from 10 year valid certs down to 2 years, hence having to manage certificate replacement......
So once the host is in Maint mode, I can automate the new cert generation and copy to host and restart of host........
once restarted the host stays disconnected as the SSL Certificate is not verified, by design
so I can automate a reconnect passing credentials but simply get an error to that stating "Authenticity of the hosts SSL certificate is not verified"
has anyone managed to automate accepting that as part of a PowerCLi reconnect script?
Is that internal CA that generated that certificate been added to the Trusted Publishers on the VCSA?
Does it work when you do the same action via the Web Client?
Update: see also KB2111219
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
probably should have mentioned the following too......
this is ESXi 5.5 for the moment so no VCSA
If I do it manually in c# client or the web client I get same error, but you can click ok and then add credentials and then the host comes back connected
Ideally I want to automate the acceptance of the fact that the cert has changed, so I can then automate the reconnect of the host passing the credentials
basically I am trying to handover the task of cert renewal without having to handover the credentials