This article explains how to install SSL certificates on your ESXi machine & vCenter for browser compatibility.
First, on your Linux server, generate SSL certificate as explained below.
This will generate both the private key and the CSR file. If you are generating certificates for multiple hosts, create a separate directory for each host.
The above command will generate the following two files:
For detailed steps, refer to the article on how to generate an SSL certificate.
Use an SFTP client (for example, WinSCP) to download the directories you created to your workstation (C:\temp). These files can then be used to generate the .cer file (certificate) that can be installed on ESXi. Move the .cer to the same directory as the .key on your workstation: C:\temp\your-esx-hostname
1. Put the host in maintenance mode.
2. Backup the old certificates.
3. Copy the new certificate and key. Open vCLI: Start > All Programs > VMware > VMware vSphere CLI > Command Prompt, and execute the following:
4. Reload the certificate. Log in to the DCUI, select Troubleshooting Options, then select Restart Management Agents. Or, you can just reboot the host to reload the certificate.
5. Cleanup: Remove the backup from C:\temp on your workstation. Remove the tmp directory from the Linux server. Exit maintenance mode.
Finally, verify your certificate: Connect to the host with a web browser. You should not see any certificate errors. Click the “Lock” icon and select “view certificate”. Check the “valid from” date to ensure it is correct.
1. Generate the CSR and the private key on the Linux server, using the same steps outlined above. Replace the ESX hostname with the vCenter hostname.
2. Use an SFTP client (for example, WinSCP) to download the directories you created to your workstation (C:\temp).
3. These files can then be used to generate the .cer file (certificate) that can be installed on vCenter. Move the .cer to the same directory as the .key on your workstation: C:\temp\your-esx-hostname
4. The generated .cer file must be uploaded back to the Linux server, which is used to generate the PFX file.
5. Using WinSCP, upload the .cer to the /tmp/ directory of the server.
6. SSH into the host, and do the following:
First, rename the certificate.
Next, generate PFX using openssl command:
Verify your PFX file. Enter “testpassword” whenever it prompts for a password. It may ask for the password more than once. If you see certificate details, the PFX has been generated correctly.
7. SCP the rui.cer and rui.pfx files back to your workstation (C:\temp).
8. The directory C:\temp should now contain 3 files: rui.key, rui.crt, and rui.pfx
9. RDP into the vCenter Server, and go to: %programdata%\VMware\VMware VirtualCenter\SSL
10. Create a new folder called “Backup” and move the existing rui.key, rui.pfx, and rui.crt to the Backup folder. Repeat for the Inventory Services certificates: E:\Program Files (x86)\VMware\Infrastructure\VirtualCenter Server\Inventory Service\ssl
11. Copy rui.pfx, rui.crt, and rui.key from your workstation to the following directories on the vCenter Server.
12. Open a web browser on the vCenter Server and go to: http://localhost/mob/?moid=vpxd-securitymanager&vmodl=1
13. To verify the certificate, open a web browser and enter the URL of the vCenter Server. There should be no certificate warnings.
14. Finally, to clean up the old certificates, do the following:
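
An added example, not part of the original article or its commands: a pre-install check that the certificate and the PFX from the steps above really belong to rui.key, so a mismatched file is caught before the management agents are restarted. The hostname `esx01.example.test`, the self-signed certificate (a stand-in for the .cer issued by your CA) and the function names are assumptions made for the demonstration.

```shell
#!/bin/sh
# Added example: check rui.key / rui.crt / rui.pfx before installing them.
# The key, CSR, self-signed certificate and hostname are constructed here;
# in the real procedure the certificate is the .cer returned by your CA.

cert_pubkey() { openssl x509 -in "$1" -noout -pubkey 2>/dev/null; }
key_pubkey()  { openssl pkey -in "$1" -pubout 2>/dev/null; }

# Succeeds only if the certificate carries the public half of this private key.
cert_matches_key() {  # args: cert key
    c=$(cert_pubkey "$1") || return 1
    k=$(key_pubkey "$2") || return 1
    [ -n "$c" ] && [ "$c" = "$k" ]
}

# Succeeds only if the PFX opens with the password and wraps the same key.
pfx_matches_key() {  # args: pfx password key
    p=$(openssl pkcs12 -in "$1" -passin "pass:$2" -nocerts -nodes 2>/dev/null |
        openssl pkey -pubout 2>/dev/null) || return 1
    k=$(key_pubkey "$3") || return 1
    [ -n "$p" ] && [ "$p" = "$k" ]
}

# Build a throwaway file set in directory $1 (stand-in for the real files).
make_demo_set() {
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=esx01.example.test" \
        -keyout "$1/rui.key" -out "$1/rui.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/rui.csr" -signkey "$1/rui.key" -days 1 \
        -out "$1/rui.crt" 2>/dev/null &&
    openssl pkcs12 -export -in "$1/rui.crt" -inkey "$1/rui.key" \
        -passout pass:testpassword -out "$1/rui.pfx" 2>/dev/null
}

demo() {
    d=$(mktemp -d) || return 1
    make_demo_set "$d" || { rm -rf "$d"; return 1; }
    cert_matches_key "$d/rui.crt" "$d/rui.key" &&
        echo "rui.crt matches rui.key"
    pfx_matches_key "$d/rui.pfx" testpassword "$d/rui.key" &&
        echo "rui.pfx opens with the password and matches rui.key"
    rm -rf "$d"
}
demo
```

To check real files, call `cert_matches_key` and `pfx_matches_key` with their paths instead of running `demo`.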