Showing posts from 2019

vCenter's PSC LDAP 696 SSL certificate binding/replacement

The vCenter Server Appliance (VCSA) ships with a default self-signed certificate, which it uses for HTTPS on port 443. There are three certificate methods: 1. Self-signed certificate 2. Custom certificate 3. VMCA. This discussion covers replacing the vCenter certificate with either a custom or a VMCA certificate. I am using the custom method. Most organizations have a CA server of their own, either local or outsourced, or use a public CA service. On an embedded vCenter you need to replace the certificate on one appliance; in the case of an external vCenter you need to replace it on both the PSC and vCenter. Before and after replacing the certificate, you can check the SSL certificate details with this command: “openssl s_client -connect localhost:443”. In this article we are going to secure LDAP on the VCSA, using LDAP (Secure) in the PSC Identity Source Configuration Wizard. vCenter LDAP is integrated into the PSC. If it is an embedded vCenter, you can perform these steps on vCenter. If vCenter is external, you need to perform these steps on the PSC, not on vCenter. Befo

Replacing vCenter VCSA Custom certificate

While VMware vCenter provides a centralized platform for management across the hybrid cloud, an expired certificate can turn into an IT nightmare. Recently, one of our clients experienced an issue with VMware vCenter 6.5. The platform became unavailable because the certificate expired. This expired certificate was not self-signed or automatically created during a new vCenter installation, but instead issued by a trusted certificate authority (CA). Dasher’s expert engineers recommend replacing the certificate on your vCenter and checking the expiration date to prevent a vCenter outage. When a vCenter machine certificate expires, most communication and services stop working properly, because multiple services are assigned to use that certificate for secure communication. In this case, our client could not log in to vCenter or manage it, and third-party integration plugins and backup software failed their tasks. How to recover a vCenter machine certificate

Preparing a new VMware Cloud Foundation Deployment

With the release of VMware Cloud Foundation (VCF) 3.0, major changes were made to the deployment and architecture of the platform, and as a result there are new prerequisites that need to be met before bring-up can occur. 1. Physical prerequisites This is where the architecture changes come into play. VCF 3.0 includes a new Bring Your Own Network design methodology that is drastically different from the very prescribed networking in previous versions. This came from direct feedback from customers, and it shows that they’re listening and willing to make changes based on said feedback. Racking and cabling of the hosts is still the same, but there are no longer any requirements around how the networking is cabled or configured, as long as VLAN tagging is enabled and the ports are available. This opens up VCF to being supported on what would previously have been a non-VCF architecture. This provides a great deal of flexibility in switching vendors as well as throughput choices. The dis

Corrupted image profiles in ESXi breaking HA agent installs and VIB installations

Ever wonder why your update just won’t install or why HA just won’t enable on a host? Well, wonder no more! We just upgraded to vSphere 6.5 Update 2 and had a host that would not install the HA agent. No amount of “Reconfigure for vSphere HA” or disabling/re-enabling HA would get the agent to install. There’s a KB article that talks about uninstalling the HA agent manually, so I gave that a try and, lo and behold, running esxcli software vib remove vmware-fdm came back with an error. Running esxcli software vib list showed only the vmware-tools VIB. This didn’t seem right, so I did some additional digging and found this KB article that worked out the problem (yes, it says SDDC Manager, a function of VMware Cloud Foundation, but I saw this on a non-VCF host and it’s an ESXi issue, so I wouldn’t worry about titles). Copy the imgdb.tgz file from a known good ESXi host with the same VIBs, upgrades and patches. To copy the imgdb.tgz file from an ESXi host: 1.