VMware Cloud Community
Zo256
Contributor
Contributor
‎09-15-2020 12:47 PM
Jump to solution

Backup and Restore of vCenter Certificates

Hello.

I am currently tasked with migrating a vCenter for Windows 6.5 installation to VCSA 6.7.

Part of the instructions within VMware's documentation for this specific procedure mentions backing up the SSL certificates in the vCenter Server.

However, where are the certificates specifically on disk?

I saw the directory C:\ProgramData\VMware\VMware VirtualCenter\SSL mentioned, but on my machine C:\ProgramData\VMware\VMware VirtualCenter\ is empty, and I was under the impression that directory was for vCenter 5.X anyway.

Looking in ProgramData\VMware\vCenterServer, I do see some rui.crt and rui.key files scattered in a few directories.

But nowhere are the certificates centralized in one location.

Surely the process isn't painstakingly using vecs-cli to export each certificate individually, and then using the same utility on VCSA to individually import them?

I'm convinced I'm just looking in the wrong directory, using the wrong command, or missing some simple process to do this.

How does one backup and restore the SSL certificates themselves?

0 Kudos
1 Solution

Accepted Solutions
ashilkrishnan
VMware Employee
VMware Employee
‎09-15-2020 05:57 PM
Jump to solution

Hi

Please refer this article to export certificates using vecs-cli --> VMware Knowledge Base

A snapshot should be good enough before the migration/upgrade to 6.7. If your vCenter is configured with embedded PSC and is part of enhanced linked mode, ensure snapshot of all servers in linked mode are taken in powered off state:

1. Make a note of ESXi host where the vCenter VM is running

2. Power off all vCenter VMs in linked mode

3. Connect directly to ESXi hosts and take a snapshot of all vCenter VMs

If this is a standalone vCenter, a regular online snapshot would work

Hope that helps

View solution in original post

0 Kudos
2 Replies
ashilkrishnan
VMware Employee
VMware Employee
‎09-15-2020 05:57 PM
Jump to solution

Hi

Please refer this article to export certificates using vecs-cli --> VMware Knowledge Base

A snapshot should be good enough before the migration/upgrade to 6.7. If your vCenter is configured with embedded PSC and is part of enhanced linked mode, ensure snapshot of all servers in linked mode are taken in powered off state:

1. Make a note of ESXi host where the vCenter VM is running

2. Power off all vCenter VMs in linked mode

3. Connect directly to ESXi hosts and take a snapshot of all vCenter VMs

If this is a standalone vCenter, a regular online snapshot would work

Hope that helps

0 Kudos
Zo256
Contributor
Contributor
‎09-16-2020 05:41 AM
Jump to solution

Okay, I wasn't sure if a snapshot was enough beings that the documentation explicitly mentions backing up your certificates.

I was already aware of vecs-cli but wasn't sure if that was correct route.

Marked your answer as correct, ashilkrishnan.

0 Kudos