Virtual Insider

Blog archive

Automate Certificate Replacement with vCenter Certificate Automation Tool 1.0

It's time to stop "ignoring" SSL certificates in your VMware vCenter environment and start replacing them with valid secure SSL certificates. I know that many of you just don't want to deal with SSL certificates. As a result, you simply choose to ignore the problem as the process of replacing these certificates is tricky. With the release of vSphere 5.1 the number of certificates that we now have to manage or replace has increased. It's a good thing VMware released vCenter Certificate Automation Tool 1.0 to help automate the replacement of the default SSL certificates with your own valid and secure certificates. You can use it with the following systems:

  • vCenter Server
  • vCenter Single Sign On
  • vCenter Inventory Service
  • vSphere Web Client
  • vCenter Log Browser
  • vCenter Orchestrator
  • vSphere Update Manager

As you can see from the list, there are quite a few SSL certificates to replace and doing it manually can be challenging. What I love about VMware is that they recognize that a large number of customers are ignoring best practices, especially in small and medium sized organizations just because no one wants to deal with certificate replacement. So instead of ignoring the problem, they simplified it with this tool.

Now as the name implies, this tool is aimed at the vCenter suite of products and it does not support replacing SSL certificates on ESXi hosts -- it would be a nice addition at some point. I would love to get your thoughts of this tool, whether you will be using it or find it useful.

Posted by Elias Khnaser on 04/17/2013 at 1:33 PM


Subscribe on YouTube