Hi Everyone,
I recently decided to start a blog and my first post is on prestaging SSL certificates in 5.x for Inventory Service, vCenter Server, Web Client and the Log Browser.
After endless troubleshooting sessions and implementing of CA certificates in customer environments I have decided to share what I feel is the easiest and most efficient way to implement custom certificates in vSphere 5.x.
The method I am writing about is called Pre-Staging where you essentially take your CA certificates, place them in the correct service folder, and then install/reinstall the component. During installation, the installer recognizes pre existing certificates and the CA certificate that you staged will be used to install, register, and trust service(s) appropriately.
This will work for Inventory Service, vCenter Server Service, Web Client, and the Log Browser service. This does not work with SSO certificates as they are overridden during install; you will have to use the automation tool to install SSO certificates first which I will go over in this post as well.
Questions, comments, feedback welcome!
Sean