ESX Virtualization

VMware ESXi, vSphere, VMware Backup, Hyper-V... how-to, videos....

Examples SSL Config Files VMware Certificate Automation Tool

Shares

Here are Examples from my lab of ALL vCenter Server Components:

vCenter Inventory Service – create a file in c:\certificates\InventoryService\inventoryservice.cfg. Paste this text into the file, changing the elements in Red:

[ req ]
default_bits = 2048
default_keyfile = rui.key
distinguished_name = req_distinguished_name
encrypt_key = no
prompt = no
string_mask = nombstr
req_extensions = v3_req
[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = digitalSignature, keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth, clientAuth
subjectAltName = DNS:vc, IP:10.10.7.12, DNS:vc.lab.local

[ req_distinguished_name ]
countryName = FR
stateOrProvinceName = BX
localityName = Bordeaux
0.organizationName = Vladan
organizationalUnitName = vCenterInventoryService
commonName = vc.lab.local

For vCenter Single Sign-On (SSO), create a file in C:\certificatess\SSO called sso.cfg. Paste this text into the file, changing the elements in Red:

[ req ]
default_bits = 2048
default_keyfile = rui.key
distinguished_name = req_distinguished_name
encrypt_key = no
prompt = no
string_mask = nombstr
req_extensions = v3_req

[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = digitalSignature, keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth, clientAuth
subjectAltName = DNS:vc, IP:10.10.7.12, DNS:vc.lab.local

[ req_distinguished_name ]
countryName = FR
stateOrProvinceName = BX
localityName = Bordeaux
0.organizationName = Vladan
organizationalUnitName = vCenterSSO
commonName = vc.lab.local

For the VirtualCenter Server Service, create a file in C:\certificatess\vCenter called vcenter.cfg. Paste this text into the file, changing the elements in Red:

[ req ]

default_bits = 2048
default_keyfile = rui.key
distinguished_name = req_distinguished_name
encrypt_key = no
prompt = no
string_mask = nombstr
req_extensions = v3_req
[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = digitalSignature, keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth, clientAuth
subjectAltName = DNS:vc, IP:10.10.7.12, DNS:vc.lab.local[ req_distinguished_name ]
countryName = FR
stateOrProvinceName = BX
localityName = Bordeaux
0.organizationName = Vladan
organizationalUnitName = vCenterServer
commonName = vc.lab.local

For the vSphere Web Client, create a file in C:\certificates\WebClient called webclient.cfg. Paste this text into the file, changing the elements in Red:

[ req ]

default_bits = 2048
default_keyfile = rui.key
distinguished_name = req_distinguished_name
encrypt_key = no
prompt = no
string_mask = nombstr
req_extensions = v3_req[ v3_req ]
basicConstraints = CA:FALSE
keyUsage = digitalSignature, keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth, clientAuth
subjectAltName = DNS:vc, IP:10.10.7.12, DNS:vc.lab.local[ req_distinguished_name ]
countryName = France
stateOrProvinceName = BX
localityName = Bordeaux
0.organizationName = Vladan
organizationalUnitName = vCenterWebClient
commonName = vc.lab.local

For the VMware Log Browser, create a file in C:\certs\LogBrowser called LogBrowser.cfg. Paste this text into the file, changing the elements in Red:

[ req ]

default_bits = 2048
default_keyfile = rui.key
distinguished_name = req_distinguished_name
encrypt_key = no
prompt = no
string_mask = nombstr
req_extensions = v3_req[ v3_req ]

basicConstraints = CA:FALSE
keyUsage = digitalSignature, keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth, clientAuth
subjectAltName = DNS:vc, IP:10.10.7.12, DNS:vc.lab.local[ req_distinguished_name ]
countryName = France
stateOrProvinceName = BX
localityName = Bordeaux
0.organizationName = Vladan
organizationalUnitName = vCenterLogBrowser
commonName = vc.lab.local

For vSphere Update Manager, create a file in C:\certs\UpdateManager called UpdateManager.cfg. Paste this text into the file, changing the elements in Red:

[ req ]

default_bits = 2048
default_keyfile = rui.key
distinguished_name = req_distinguished_name
encrypt_key = no
prompt = no
string_mask = nombstr
req_extensions = v3_req[ v3_req ]

basicConstraints = CA:FALSE
keyUsage = digitalSignature, keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth, clientAuth
subjectAltName = DNS:vc, IP:10.10.7.12, DNS:vc.lab.local[ req_distinguished_name ]
countryName = France
stateOrProvinceName = BX
localityName = Bordeaux
0.organizationName = Vladan
organizationalUnitName = VMwareUpdateManager
commonName = vc.lab.local

For vCenter Orchestrator, create a file in C:\certs\Orchestrator called Orchestrator.cfg. Paste this text into the file, changing the elements in Red:

[ req ]

default_bits = 2048
default_keyfile = rui.key
distinguished_name = req_distinguished_name
encrypt_key = no
prompt = no
string_mask = nombstr
req_extensions = v3_req[ v3_req ]

basicConstraints = CA:FALSE
keyUsage = digitalSignature, keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth, clientAuth
subjectAltName = DNS:vc, IP:10.10.7.12, DNS:vc.lab.local[ req_distinguished_name ]
countryName = France
stateOrProvinceName = BX
localityName = Bordeaux
0.organizationName = Vladan
organizationalUnitName = VMwareOrchestrator
commonName = vc.lab.local

Shares
x