I recently upgraded to Powershell v.5.01 and now I am seeing something new when to connect to my vCenter server.
$vCenter="my-cVenter-FQDN"
$vCenterCredFile = "\\path\to\vCenterCredentials.XML"
$vCenterCreds = Get-VICredentialStoreItem -Host $vCenter -File $vCenterCredFile
Write-Host "Connecting to vCenter ..."`n
Connect-VIServer $vCenter -User $vCenterCreds.User -Password $vCenterCreds.Password | Out-Null
and I get:
Connecting to vCenter ...
WARNING: There were one or more problems with the server certificate:
* The X509 chain could not be built up to the root certificate.
* The certificate's CN name does not match the passed value.
Certificate: [Subject]
E=support@vmware.com, CN=VMware default certificate, OU="VMware, Inc.", O="VMware, Inc."
[Issuer]
O=VMware Installer
[Serial Number]
116C6FA5
[Not Before]
6/9/2011 2:38:48 PM
[Not After]
6/6/2021 2:38:48 PM
[Thumbprint]
3075FD19521FBF00CDA8ACC3D2B2FBB6B454A611
The server certificate is not valid.
WARNING: THE DEFAULT BEHAVIOR UPON INVALID SERVER CERTIFICATE WILL CHANGE IN A FUTURE RELEASE. To ensure scripts are not affected by the change, use Set-PowerCLIConfiguration to set a value for the InvalidCertificateAction option.
so:
1. I have added the certificate from my vCenter to my cert store (both "Trusted Root Certifcation Authorities" and "3rd Party Root Certification Authorities" , which should take care of the "build up to root certificate", I thought. If not, what should I have done with this certificate, to avoid these warnings/errors?
2. I guess I should be issuning a "set-PowerCLIConfiguration -InvalidCertificationAction Ignore" for future use?