Solved

vmware cert

Posted on 2016-09-13
  • VMware
  • Web Servers
  • Active Directory
  • Virtualization
  • SSL / HTTPS
  • +3
9
45 Views
Last Modified: 2016-10-07
If we already have a wildcard cert *.domain.local or * domain.com

How do you place this in vmware so it uses correctly.
0
Comment
Question by:Indyrb
  • 3
  • 3
  • 2
9 Comments
 
LVL 35

Assisted Solution

by:Mahesh
Mahesh earned 350 total points (awarded by participants)
ID: 41797328
I don't think that certificate you can use because after domain joining process, ESX would not change its hostname to hostname.domain.com like windows machines

you need to generate new cert with esxi hostname from CA  and need to install it on esx
0
 
LVL 36

Assisted Solution

by:Jian An Lim
Jian An Lim earned 150 total points (awarded by participants)
ID: 41798972
0
 

Author Comment

by:Indyrb
ID: 41799983
So if esxi has domain suffix = domain.com
but its also in somedomain.local

Can you give the proper steps on getting the cert on the esxi server.
And has anyone tried the wildcard cert?
0
 

Author Comment

by:Indyrb
ID: 41800173
Further more if adding ESXi to an Active Directory domain somedomain.local  and it has the suffix of domain.com, how will that work.
0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 
LVL 35

Accepted Solution

by:
Mahesh earned 350 total points (awarded by participants)
ID: 41800181
Ok you can follow steps in below article if you are running with esxi 5.1 or 5.5
https://kb.vmware.com/selfservice/search.do?cmd=displayKC&docType=kc&docTypeID=DT_KB_1_1&externalId=2034833

If you are running esxi 5.0, follow steps in below article
https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2015421
If you already have SSL certificate like host.domain.com or host.domain.local on windows server or you can simply generate one SSL cert on windows server from AD integrated CA and then you can export it in .pfx format and then follow steps from 4 to 19 in above article

You mat try wildcard certificate, its not officially supported, i have not tried it

Mahesh.
0
 
LVL 35

Assisted Solution

by:Mahesh
Mahesh earned 350 total points (awarded by participants)
ID: 41800195
in order to certificate work with names like host.domain.com or host.domain.local you have to have host(a) record in dns in respective zones pointing to esx server IP address

The system from where you connect to esx will look what fqdn you are using to connect esx box is matching to certiifcate or not, thats all
0
 

Author Comment

by:Indyrb
ID: 41800416
what about esxi version 6+
0
 
LVL 36

Expert Comment

by:Jian An Lim
ID: 41833330
VMware do not support wildcard certificate.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How important is it to take extra precautions to protect your online business? These are some steps you can take to make sure you're free of any cyber crime.
An overview of HIPAA and guidance on this topic that Experts Exchange members can offer.
Teach the user how to use vSphere Update Manager to update the VMware Tools and virtual machine hardware version Open vSphere Client: Review manual processes for updating VMware Tools and virtual hardware versions: Create a new baseline group in vSp…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now