VCAP-DCV Deploy Objective 8.2 – Part 2

SSL Certificate, VCAP6-DCV Deploy
In this section we will continue  to cover "Manage SSL certificates" Here are the objective from the blueprint : Configure and manage VMware Endpoint Certificate Store Replace default certificate with CA-signed certificate Generate ESXi host certificates Enable / Disable certificate checking Configure SSL timeouts according to a deployment plan Lab Setup: Using VMware workstation: Microsoft Servers 2012R2 for Services (ADCS,DNS , DHCP, etc…) Installed esx0 Installed VCSA  Documents used: vSphere Security Guide VMware KB 2112016 Configure and manage VMware Endpoint Certificate Store: VMware Endpoint Certificate Store (VECS) serves as a local (client-side) repository for certificates, private keys, and other certificate information that can be stored in a keystore. You can decide not to use VMCA as your certificate authority and certificate signer, but you must use VECS to store all vCenter certificates,…
Read More

VCAP-DCV Deploy Objective 8.2 – Part 1

SSL Certificate, VCAP6-DCV Deploy
In this section we are going to cover "Manage SSL certificates" Here are the objective from the blueprint : Configure and manage VMware Certificate Authority Lab Setup: Using VMware workstation: Microsoft Servers 2012R2 for Services (ADCS,DNS , DHCP, etc…) Installed esx0 Installed VCSA  Documents used: vSphere Security Guide VMware KB 2112016 Configure and manage VMware Certificate Authority: In vSphere 6.0 and later, the VMware Certificate Authority (VMCA) provisions your environment with certificates. This includes machine SSL certificates for secure connections, solution user certificates for authentication to vCenter Single Sign-On, and certificates for ESXi hosts that are added to vCenter Server. The following certificates are in use. [caption id="attachment_1806" align="alignnone" width="943"] Source: VMware security guide[/caption] There are many variation of how to configure VMCA , i choose to configure VMCA as a…
Read More