Regenerate certificate on ESXi 4.1

Hello

I have ESXi 4.1 and I need to regenerate Certificate becuase of ESXi Host name and dns change
How can I do it ?

p.s.
In vmware web site there is an artical
http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&docType=kc&externalId=1008166&sliceId=1&docTypeID=DT_KB_1_1&dialogID=224246673&stateId=0 0 224248440 saying:

Generate New Certificates for the ESXi Host
The ESXi host generates certificates the first time the system is started. Under certain circumstances, you might
be required to force the host to generate new certificates. You typically generate new certificates only if you
change the host name or accidentally delete the certificate.
Procedure
1 Select Reset Customized Settings in the direct console.
2 Reboot the system to regenerate the certificates

I have entered the console from the Host itself and I can't find this option "Reset Customized Settings"

My question is how can I regenerate a new certificate for my ESXi4.1 Host
Please Advise
DoronAviadCEOAsked:
Who is Participating?
 
Andrew Hancock (VMware vExpert / EE MVE^2)Connect With a Mentor VMware and Virtualization ConsultantCommented:
Reset Customized Settings settings was used in ESXi 3.5, 4.0, in 4.1 it was changed to Reset System Configuration, and clearly VMware have not updated their documentation between ESXi versions.
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
Do you not have access to the actually Direct Console User Interface? (black and yellow screen)?

e.g. via iLO, DRAC or KVM?
0
 
Luciano PatrãoICT Senior Infraestructure  Engineer  Commented:
Hi

Here you have all the information about certifcates for all vSphere versions

http://kb.vmware.com/kb/1008166

and also

http://kb.vmware.com/kb/4646606

Jail
0
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
and for ESXi 4.1 Page 177 Encryption and Security Certificates for ESXi

http://www.vmware.com/pdf/vsphere4/r41/vsp_41_esxi_server_config.pdf

Generate New Certificates for the ESXi Host

The ESXi host generates certificates the first time the system is started. Under certain circumstances, you might be required to force the host to generate new certificates. You typically generate new certificates only if you change the host name or accidentally delete the certificate.

Procedure

1 Select Reset Customized Settings in the direct console.

2 Reboot the system to regenerate the certificates.

There is also a procedure in the document for uploading your own Certificiate, but the easiest method would be to  Reset Customized Settings ON the direct console
0
 
DoronAviadCEOAuthor Commented:
hanccocka

I have access to the direct console (black and yenllow) direct keyboard and screen connection
0
 
DoronAviadCEOAuthor Commented:
BestWay

I have writing in my question That I looked at the Linkes you send me..... please reread my question
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
and you have no option which states Reset Customized Settings? after logging in?
0
 
DoronAviadCEOAuthor Commented:
hanccocka

How do I see this option in the Grahy and Yellow direct interface ????
I only see option "Reset System Configuration" I don't see "Reset customized Settings"
where is that option ???
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
Press Function Key Number 2 (F2) to Customize System.

and then second option from the bottom, you should have Reset Customized Settings?
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
That is the OPTION! you need.
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
It will perform a Default Reset of ESXi 4.1. (all vSwitches, VMNICs) it will return to factory defaults, a bit like a fresh install.
0
 
Luciano PatrãoConnect With a Mentor ICT Senior Infraestructure  Engineer  Commented:
Hi

Since you did not added the KB number I thought was another link.

Regarding how to generate, you can get all that information on the documentation, also added some in the hanccocka message.

Connect to you host ESXi direct console, choose F2, you should see the Reset Customized Settings

Jail
0
 
Luciano PatrãoICT Senior Infraestructure  Engineer  Commented:
Hi

Yes I have double checked and hanccocka is right, the option have changed, and the documentation still have the old name.

Jail
0
 
DoronAviadCEOAuthor Commented:
BestWay

The docuemnts about regenerating say only one option "Reset Customize Settings" (hanccocka Thanks for updating the name was change to "Reset System Configuration"

This option seems to me to extrime, for only regenerate a new Certificate to do a complite System Reset ?

I found an articale about ESXi3 with simple command line solution but it is not available in ESXi4.1

Is there another way you advise to regenrate ?
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)Connect With a Mentor VMware and Virtualization ConsultantCommented:
Not that is SUPPORTED. (unless you want to upload your own certificate).

Usually, if you change the name of an ESXi host, you would vMotion ALL VMs off the host, or backup the host first, Enter Maintenance Mode, Remove the ESX host from vCenter, Change the Hostname and IP address in the  Console, and then Reset System Configuration.

and then from Documents reconfigure your ESXi host, which should only take you 5 minutes.
0
 
DoronAviadCEOAuthor Commented:
Thanks you all for you great support
Have a great Day
0
 
Luciano PatrãoICT Senior Infraestructure  Engineer  Commented:
Hi

I agreed that for to recreate only a certificate, is too much, but there is no create_certificates after ESXi 4.x, you have a script called generate_certificates.sh, but honestly I never used.

But looking at the script I think will generate the same Certificate. But I will test on my ESXi server test.

Jail
0
 
Andrew Hancock (VMware vExpert / EE MVE^2)VMware and Virtualization ConsultantCommented:
No problems.
0
 
Luciano PatrãoICT Senior Infraestructure  Engineer  Commented:
Hi

I have run the script generate_certificates.sh and restart the host, and when I try to connect again to the ESXi host with the VMware vSphere Client ask again to add the new certificate.

So running this script this will generate a new certificate that can be used.

Hope this can help.

Jail
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.