So for those of us who have experienced the wonderful times of dealing with replacing or updating certificates within our VMware infrastructures, VMware came to the rescue (kind of) and provided a tool for us to use. This tool has been dubbed vCenter Certificate Automation Tool. A little excerpt from the release announcement:
Fresh out of development today VMware has a new tool to help everyone with the implementation of custom certificates. The vCenter Certificate Automation Tool 1.0, will help customers update certificates needed for running vCenter Server and supporting components.
In order to use the tool, you must have the following:
- Administrative privileges on the server(s) you are running the tool on. Although non-administrator users can download and launch the tool, all operations will fail without the proper permissions.
- Access to each server that has vSphere components for which the SSL certificate will be updated.
- All vCenter Server components which will have their certificates updated have already been installed and are running.
- The new certificates already exist and you know the location of the new certificates. For increased security, generate each certificate and private key on the machine where it will be used. The new SSL certificate for each vSphere component must have a unique base DN.
So you don’t have to go around looking, here is a couple of links to KB articles on how to use the vCenter Certificate Automation Tool:
- Generating certificates for use with the VMware SSL Certificate Automation Tool
- Deploying and Using the SSL Certificate Automation Tool
Just wanted to share this with the readers…enjoy!