8 Replies Latest reply on Aug 11, 2014 1:08 AM by Akopylov

    SSL Automation Tool Fails at assigning New Certs

    Zewwy Novice

      Hey all,

       

      I'm having a baffling problem... Let me get the basics out of the way..

       

      I'm running 2 ESXi hosts on version 5.1.

      I installed vCenter on a VM, hosted on Windows server 2008 R2..

      I ran the simple installation method using SQL express 2008, server is for the most part standalone.

       

      Successfully installed the vCenter services, logged in as Administrator@vsphere.local, configured logging in as domain admin account, and set that domain as primary.

      I am able to successfully log in as a domain admin, but couldn't configure teh vCenter server as it stated none was found, So I had to log in again with the vsphere admin, and enable domain admins permissions on the vCenter server object.

      All good finally created my Datastore, Cluster and added hosts all went well...

       

      Now I finally wanted to get to the point where I wanted certifcates signed by our enterprise CA, so I don't have to worry about the validity of the certs every time I connect.

       

      VMware KB: Deploying and using the SSL Certificate Automation Tool 1.0.x

       

      After TONS of reading, I configured my Cert Template in my Enterprise CA, got to must required specs, expect its set to sha1, and would recommend sha-256... but whatever, generate my req, get it signed, create a cert chain...

       

      Now I'm finally on assigning cert to service...  (note this tool is installed directly onto the vCenter Server, c:\VMware dir)

       

      Press 3 (Update SSO)

      Press 1 (Update the SSO Cert)

      Enter all the required fields as expected with full directory paths..

       

      Then I get this!! Error but below is taken from the actual log file.

       

      2014-08-05T12:05:56.741-0500 [c.v.s.c.r.RunBuilder] INFO  Running: reg query HKEY_LOCAL_MACHINE\SOFTWARE\VMware, Inc.\VMware Infrastructure\SSOServer /t REG_SZ /v InstallPath

      2014-08-05T12:05:56.909-0500 [c.v.s.c.r.RunBuilder] INFO  Exit status: 1

       

      Now I open reg edit and navigate to this reg directory, but such a key of "InstallPath" doesn't exist... What am I doing wrong?!?!?