Hello,
Almost 3 weeks before we have installed custom certificates to our all ESXi hosts (6.7). But now we see some issues with the VMs and suspecting because of SSL. Here the requirement is revert it back to default SSL cert for couple of ESXi hosts (50+).
I have the ESXi hosts names saved in the notepad located in : D:\ESX\name.txt
Is there any easy way we can connect (SSH) all the ESXi hosts in the notepad and choose the option 8 to reset all certificates ?
I am novice in scripting.
You can use the Posh-SSH module to connect to each ESXi node.
In a Foreach loop read the .txt file (Get-Content), and for each ESXi node connect via SSH. See for example Use Posh-SSH instead of PuTTY
Optionally you can make a backup of the current certificate.
Then run the /sbin/generate-certificates command on the ESXi node.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Something like this for example.
It assumes all ESXi nodes use the same root password.
$user = 'root'
$pswd = 'VMware1!'
$cred = New-Object -TypeName PSCredential -ArgumentList $user,(ConvertTo-SecureString -String $pswd -AsPlainText -Force)
$cmdSub = '/sbin/generate-certificates'
Get-Content -Path .\esxnames.txt -PipelineVariable row |
ForEach-Object -Process {
$session = New-SSHSession -ComputerName $row -Credential $cred –AcceptKey
$result = Invoke-SSHCommand -SSHSession $session -Command $cmdSub
Remove-SSHSession -SSHSession $session | Out-Null
}
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference