Automating SSL Certificate Expiry Validation for vCenter Server + ESX(i) Hosts
As many of you know, it is a best practice to replace VMware's self-signed SSL certificates that are included in the vCenter Server (Windows & VCSA) and ESX(i) hosts to prevent or help reduce MiTM...
View ArticleExtracting SSL Thumbprint from ESXi
While browsing the VMTN forums earlier this week, I noticed an interesting request from a user who was trying to compile an inventory of the SHA1 Thumbprints for all his ESXi hosts. The challenge the...
View ArticleAutomating SSL Certificate Regeneration in VCSA 5.1 & 5.5 (vCenter Server...
The VCSA (vCenter Server Appliance) provides a very simple way of regenerating the self-signed SSL Certificate by using the VAMI web management interface. This is extremely useful if you change the IP...
View ArticleAutomating the import of vCenter Server 6.x root certificate
In vSphere 6.0, you can now easily import your vCenter Server's trusted root CA certificate onto your client desktop by simply downloading it from the vCenter Server's landing page as shown in the...
View ArticleNew SDDC Certificate Replacement Fling
Certificate lifecycle management is not something anyone looks forward to, it is time consuming and usually not automated. However, it is a necessity for many of our customers. The process gets even...
View ArticleIs vCenter Server & ESXi hosts using VMware Certificate Authority (VMCA) or...
Customers have two primary methods of managing TLS certificates for their ESXi hosts, they can either use the built-in VMware Certificate Authority (VMCA) which is part of vCenter Server or Custom CA...
View Article