vCenter

 View Only
  • 1.  SSL VUM

    Posted Jun 25, 2013 05:00 PM

    Hello, help please. I tried to change VUM (4.1) SSL certificate. Was guided by Replacing SSL certificates for VMware vCenter Update Manager by using the Update Manager Utility (1023011). But the certificate on the 8097 port all the same didn't change. What shall I do? Also prompt please the document for the esx host 4.1 ssl cert updating.Thnx



  • 2.  RE: SSL VUM

    Posted Jul 01, 2013 03:34 AM

    I would recommend rather reinstalling the VMs since there is no data loss and less wastage of time



  • 3.  RE: SSL VUM

    Posted Jul 01, 2013 08:29 AM

    I assume the service was restarted? Also when you say port 8097, are you using custom ports? Is the cert replaced correctly when you try to connect via the vsphere client?

    Regards

    Girish



  • 4.  RE: SSL VUM

    Posted Jul 01, 2013 03:44 PM

    Hi, thnx for reply. Of course the service was restarted. I repeated several times. In vcenter is no errors are present. Update manager works operationally. But my scanner of vulnerabilities swears on this port. I come via the browser on this port and I see that the certificate old.



  • 5.  RE: SSL VUM

    Posted Jul 02, 2013 04:18 AM

    Port details are given here:

    http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1012382#Update%20Manager

    Also looks like this is not supported in VUM:

    VMware KB: Replacing SSL certificates for VMware vCenter Update Manager by using the Update Manager Utility

    "You cannot replace the SSL certificates that Update Manager uses on port 9087 when importing offline bundles or upgrade release files."

    Regards

    Girish



  • 6.  RE: SSL VUM

    Posted Jul 02, 2013 07:15 AM

    I am sorry, probably I didn't notice when read. That is not to change this certificate at all?And how to change algorithms of enciphering?



  • 7.  RE: SSL VUM

    Posted Jul 02, 2013 07:23 AM

    The product documentation is lacking IMO. Most info is always found in some random KB :smileyhappy:

    Anyways, you cant change it(algos/cert). Even if you replace the VUM cert, this is not going to affect the cert being used on 9087. 

    Regards

    Girish