E-mail
To configure custom SSL certificates in VirtualCenter 2.5:
- Download and install openssl for Windows.
Note: This article assumes you run all commands fromc:\openssl\bin. - Create a VirtualCenter server private key (rui.key):
openssl genrsa 1024 > rui.key
Note: Value cannot be larger than 1024 for VirtualCenter 2.x families.
- Create a certificate signing request (rui.csr):
openssl req -new -key rui.key > rui.csr -config openssl.cfgNote: When prompted for common name, fill in the hostname of the VirtualCenter server.
- Send therui.csrto certificate authority (CA) server.
- Browse toc:\openssl\bin, and save the file/certificate from the certificate authority server asrui.crt.
- Merge the server private key and the signed certificate into the pfx file (rui.pfx)by running the command:
openssl pkcs12 -export -in rui.crt -inkey rui.key -name rui -passout pass:testpassword -out rui.pfx
Note: You must enter a password to continue. The-passoutparameter can be omitted, but the user is prompted to enter a password twice.
- Replace the Certificates on VirtualCenter Server
- Backup the existing files,rui.key,rui.crt, andrui.pfx, fromC:\Documents and Settings\All Users\Application Data\VMware\VMware VirtualCenter\SSL\to a backup folder.
- Copy the custom files,rui.key,rui.crt, andrui.pfx, toC:\Documents and Settings\All Users\Application Data\VMware\VMware VirtualCenter\SSL\
- Stop VirtualCenter Server service using the command:
net stop vpxd
- Reset your database password. The purpose of this is that you need to encrypt the database password with the new keys.
- Browse to the root directory, located by default at C:\Program Files\VMware\Infrastructure\VirtualCenter Server, of your VirtualCenter Server install, then run:
vpxd.exe –p
- When asked for your new password, enter your existing database password.
- When asked to confirm your password, enter the existing password again.
- Browse to the root directory, located by default at C:\Program Files\VMware\Infrastructure\VirtualCenter Server, of your VirtualCenter Server install, then run:
- Start the VirtualCenter Server service with the command:
net start vpxd
- Install the root CA certificate into the trusted root CAs on the VirtualCenter server
Follow the Pre-Trusting Certificatessection from "Enabling Server-Certificate Verification for Virtual Center Clients" (4646606
). - Enable SSL in the registry:
Follow the Enabling Server-Certificate Verificationsection from "Enabling Server-Certificate Verification for Virtual Center Clients" (4646606). - Log into your VirtualCenter Server using the VI Client. You must do this from the VirtualCenter machine.
- A dialog with a certificate error appears. ClickIgnore.
- Log into your VirtualCenter server using a VI Client from another workstation, not VirtualCenter Server. You are prompted to install the certificate on the workstation, clickYesorOK. Logout and log back in.
Comments (2)
Dec 25
Anonymous says:
Houses and cars are not cheap and not every person is able to buy it. But, loans...Houses and cars are not cheap and not every person is able to buy it. But, loans
are created to help different people in such kind of cases.
Jan 05
Anonymous says:
What you have written about is certainly something I have interest in. And...What you have written about is certainly something I have interest in. And the way you reverse cell phone lookup
presented your position was something that engendered no small amount of admiration. For this reason I have chosen to let you know of these things, as I feel you ought to know. This is what outdoor lighting
I'm saying.
Add Comment