VMware Cloud Community
PenguinJeff
Enthusiast
Enthusiast
‎10-09-2018 08:48 AM

Setup SSL Certificates I can use in vcenter appliance 6.7?

I found the following video that started me on a process to use a local Microsoft CA then I ran into a major snag

Replace your vCenter vSphere 6.5 Certificates using your own CA - YouTube

I can't run the command line as root there is no root user to login as only administrator@vsphere.local

when I try dropping to the shell as administrator it runs as nobody and I can not follow the documentation much further without running into a permissions issue.

Is there a web interface to the certificate manager?

So here are my 3 major requirements.

1) I need to setup ssl certificates that my old(2012 installed) EMC VNX can connect to.

I found some documentation for VNX that says vmware default ssl cert uses 512 byte certs and it needed 1024 byte certs but I no longer think this is the case; I suspect it doesn't understand TLS certs and I suspect vmware is using them. Is there a way to use an older technique? I may be off if someone knows more about SSL certificates maybe they can help me here.

2) I need a certificate authority that I can install to my clients.

I am tired of clicking accept. I had tried downloading and installing certs but I must be doing something wrong.

How do I get the certificate info I need from the vmware certificate authority? I know how to install them in the browsers once I have them. I can get the info on how to get and install the microsoft CA which I have if I need to. So that is why I started down that road.

While following the instructions in the video I did setup a Microsoft CA but I don't know that I need it I could use vmware's just the same (watching the videos it appears to have one)?

I can't figure out how to get to it? Or how do I find out it is working?

3) I need all my esxi hosts to have trusted SSL certificates as well so I can upload files to my storage. It is currently a pain in the butt getting a browser to accept the SSL cert to upload a file I have to go to the machine it is trying to upload to and accept it each time.

The documentation I can find on this doesn't show me how to get to anything that I can find?

Where do I click? what do I run? All it covers is yeah you can do this. This is an acceptable way. (but I'm not going to tell you how to do it) Worthless documentation!!!

The documentation here

VMware Knowledge Base​​

Is missing a pretty major step.

How do I get the "certificate request" to paste in?!?!?!

I have installed SSL certs in apache and on Cisco equipment but it is still a bit complex for me to understand all the aspects about it.

Cisco was a bit tricky to find documentation for but I was able to figure it's out. Apache has decent documentation.

Seems all the documentation for SSL certs in vmware is lacking or for outdated versions.

I am using vcenter appliance 6.7.

I am using EMC Unisphere V1.2.30.1.0178

0 Kudos
1 Reply
PenguinJeff
Enthusiast
Enthusiast
‎10-10-2018 06:38 AM

It isn't that it is TLS. I have one machine that is still working properly with my VNX it is the only one running ESXi6.5 the others are running 6.7

The ssl cert has the same size and algorithms so it can not be the ssl key. It must be something else.

It looks like it was the original password I set for administrator to login to root. I was able to login as root and set it's password to the current administrators password.

Now I can continue following the instructions from the video. I still haven't found better instructions.

0 Kudos