Users Guide

ManualsBrandsDell ManualsAnalyticsOpenManage Integration for VMware vCenter Version 4.3

131

132

133

134

135

136

137

138

139

140

1. Create the C:\certificates\ folder on PSC by using the following command: mkdir C:\certificates\.

2. Open the following link in a browser: https://<vCenter FQDN|IP address>/lookupservice/mob?

moid=ServiceRegistration&method=List

3. Log in with the administrator@vsphere.local user name and provide the password when prompted.

NOTE: If you are using a custom name for vCenter Single Sign-On (SSO) domain, use that user name and password.

4. In filterCriteria, modify the value field to show only the tags <filtercriteria></filtercriteria> and click Invoke Method.

5. Search for the following hostnames depending on the certificates that you are replacing:

Table 39. Search criteria information

Trust anchors Search criteria

vCenter server Use Ctrl+F to search, vc_hostname_or_IP.example.com on the

page

Platform Services Controller Use Ctrl+F to search, psc_hostname_or_IP.example.com on the

page

6. Locate the value of the corresponding sslTrust field. The value of the sslTrust field is Base64 encoded string of the old certificate.

7. Use the following examples when updating the Platform Services Controller or vCenter Server trust anchors.

NOTE: The actual string is shortened significantly to improve legibility.

• For vCenter server

Table 40. vCenter server example

Name Type Value

url anyURI https://vcenter.vmware.local:443/sdk

• For Platform Services Controller

Table 41. Platform Services Controller example

Name Type Value

url anyURI https://psc.vmware.local/sts/STSService/

vsphere.local

8. Copy the content of the sslTrust field into a text document and save the document as old_machine.txt.

9. Open the old_machine.txt in a text editor.

10. Append the following at the starting and end of the old_machine.txt file respectively:

-----BEGIN CERTIFICATE-----

-----END CERTIFICATE-----

11. Save old_machine.txt now as old_machine.crt.

You can now extract the thumbprint from this certificate.

Extracting thumbprint from the old certificate

You can extract the thumbprint from the old certificate and upload it to the Platform Services by using the following options:

• Extract the thumbprint by using a Certificate Viewer Tool. See Extracting the certificate thumbprint by using a Certificate Viewer tool

on page 140.

• Extract the thumbprint by using a command line on the appliance. See Extracting Thumbprint by using the command line on page 141.

Extracting the certificate thumbprint by using a Certificate Viewer tool

Perform the following steps to extract the certificate thumbprint:

1. In Windows, double-click the old_machine.txt file to open it in Windows Certificate Viewer.

2. In Windows Certificate Viewer, select the SHA1 Thumbprint field.

3. Copy the thumbprint string into a plain text editor and replace the spaces with colons or remove the spaces from the string.

140

Frequently Asked Questions-FAQ