Skip to main content

Regenerate certificates using self-signed VMCA for vCenter server

1) ssh to vCenter Serever

2)find hostname ( FQDN/PNID ) using #hostname -f

root@localhost [ /usr/lib/vmware-vmca/bin ]# hostname -f

localhost

root@localhost [ /usr/lib/vmware-vmca/bin ]#


3)cd /usr/lib/vmware-vmca/bin

run:  ./certificate-manager

                 _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
                |                                                                     |
                |      *** Welcome to the vSphere 6.8 Certificate Manager  ***        |
                |                                                                     |
                |                   -- Select Operation --                            |
                |                                                                     |
                |      1. Replace Machine SSL certificate with Custom Certificate     |
                |                                                                     |
                |      2. Replace VMCA Root certificate with Custom Signing           |
                |         Certificate and replace all Certificates                    |
                |                                                                     |
                |      3. Replace Machine SSL certificate with VMCA Certificate       |
                |                                                                     |
                |      4. Regenerate a new VMCA Root Certificate and                  |
                |         replace all certificates                                    |
                |                                                                     |
                |      5. Replace Solution user certificates with                     |
                |         Custom Certificate                                          |
                |         NOTE: Solution user certs will be deprecated in a future    |
                |         release of vCenter. Refer to release notes for more details.|
                |                                                                     |
                |      6. Replace Solution user certificates with VMCA certificates   |
                |                                                                     |
                |      7. Revert last performed operation by re-publishing old        |
                |         certificates                                                |
                |                                                                     |
                |      8. Reset all Certificates                                      |
                |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|
Note : Use Ctrl-D to exit.
Option[1 to 8]: 

Enter details as :
Enter proper value for 'Country' [Default value : US] : (Note: Value for Country should be only 2 letters)
Enter proper value for 'Name' [Default value : CA] :
Enter proper value for 'Organization' [Default value : VMware] :
Enter proper value for 'OrgUnit' [Default value : VMware Engineering] :
Enter proper value for 'State' [Default value : California] :
Enter proper value for 'Locality' [Default value : Palo Alto] :
Enter proper value for 'IPAddress' [optional] :
Enter proper value for 'Email' [Default value : email@acme.com] :
Enter proper value for 'Hostname' [Enter valid Fully Qualified Domain Name(FQDN), For Example : example.domain.com] :
Enter proper value for VMCA 'Name': <<Entrer Hostname received in step 2)

Type "Y" to confirm

Comments

Post a Comment

Popular posts from this blog

Deploy OVF fails Issues detected with selected template. Details: VALUE_ILLEGAL: No supported hardware versions among [virtualbox-2.2]; supported: [vmx-04, vmx-07, vmx-08, vmx-09, vmx-10, vmx-11, vmx-12, vmx-13, vmx-14, vmx-15, vmx-16, vmx-17, vmx-18, vmx-19].

 Error: While deploy using OVF file ,getting error as : Issues detected with selected template. Details: - -1:-1:VALUE_ILLEGAL: No supported hardware versions among [virtualbox-2.2]; supported: [vmx-04, vmx-07, vmx-08, vmx-09, vmx-10, vmx-11, vmx-12, vmx-13, vmx-14, vmx-15, vmx-16, vmx-17, vmx-18, vmx-19]. Solution: Open .OVF file and edit       <Info>Virtual hardware requirements for a virtual machine</Info>       <System>         <vssd:ElementName>Virtual Hardware Family</vssd:ElementName>         <vssd:InstanceID>0</vssd:InstanceID>         <vssd:VirtualSystemIdentifier>zabbix_appliance-6.2.7</vssd:VirtualSystemIdentifier>         <vssd:VirtualSystemType> virtualbox-2.2 </vssd:VirtualSystemType>       </System> to  vmx-19       <Info>Virtual hardware requireme...
Post a Comment
Read more

vSphere HA agent for this host has an error: The vSphere HA agent is not reachable from vCenter Server |Vsphere HA status error | vCenter server 7.0

When you enable Vcenter HA on vsphere7.0 esxi cluster if you see any of the below error: vSphere HA agent for this host has an error: The vSphere HA agent is not reachable from vCenter Server Vsphere HA status error vSphere HA agent cannot be installed or configured  Solution: -Download latest Vmware tools VIB package from:   https://my.vmware.com/group/vmware/downloads/details?downloadGroup=VMTOOLS1125&productId=974&rPId=58693 -winscp to ESXi host the zip file of VIB. -Install the package:  esxcli software vib install -d  "/tmp/VMware-Tools-11.2.5-core-offline-depot-ESXi-all-17337674.zip" -Reboot the Esxi. -Right click on the esxi to do "Reconfigure vSphere HA"
Post a Comment
Read more