Task:
Make a MS Windows workstation and a Mac workstation trust the vCenter certificates.
Part 1 - Download the certificates from vCenter
1. Navigate to the vCenter instance home page (no /ui)
e.g. myvcenter.mindwatering.net/
2. On the right under the For Administrators box, click the last link/entry, Download trusted root CA certificates.
This downloads a file: ~/Downloads/download.zip
3. Extract/example the archive. This produces a certs folder. In the certs folder is a win, mac, and lin set of folders with the certificates.
4. Within the Mac and Win folders, remove the files with a "r". These are revocation list entries, in which we are not currently interested.
e.g. rm bdb0bff4.r1.crl or rm bcb0bef4.r0.crl
This leaves files which end in .0 and .1, for Mac, and .0.crt and .1.crt for windows PCs. These files are the root certificates to be imported.
Part 2 - Add the certificates to the Mac and PC workstations
Mac:
Although, there is a folder for Mac, the win folder will also work just fine, since they already have the .crt extension. Either folder may be used.
1. Open the certificate with the Keychain Access, the "CA" entry will be added w/o any trust.
2. Double-click the CA entry, and change the "Not Trusted" to "Trusted" for "Secure Sockets Layer". Close the dialog and authenticate to add the change.
PC:
1. Right click each certificate, choose Install Certificate. Click Open at the unknown publisher warning.
2. In the Certificate Import Wizard, under Store Location, Current User. Click Next.
3. Select Place all certificates in the following store, if not already selected. Click the Browse button, and in the Select Certificate Store pop-up, choose Trusted Root Certificates Authorities. Click OK. Authenticate when prompted. Click OK to the complete noticed.
previous page
|