Want to be able to change the SSL Certificates on your vCenter Servers and vSphere Hosts to properly signed CA certificates at the click of a button? Want to be able to automatically apply certificates to Auto Deployed Hosts? Need a solution that covers vSphere 4.0 through to 5.1? Can detect and alert you to expiring or revoked certificates and change them for you? Something that provides complete SSL Certificate lifecycle management for your vSphere environment with all the reporting, alerting and audit logs you’d expect? Then vCert Manager might be the tool for you and I’ve got a demo of the beta version to wet your appetite.
I wrote an article regarding a few months ago titled vCert Manager – Changing VMware SSL Certs Made Easy, which included a demo of a very early prototype that I presented at VMworld USA in August 2012. The prototype showed how in concept vCert Manager could automatically replace SSL Certificates in vSphere environments with integration back to a windows CA. A few months on now and VSS Labs, who is the company developing the solution, has released a demo of the beta version. The beta is now being tested by select customers who have signed up to the early adopter program. Check out this demo to see how the product has progressed and get an idea of it’s capabilities.
I think you’ll agree that the vCert Manager Beta has come a long way since the very early prototype I presented at VMworld and wrote about previously. The work is not over though. There is still a little way to go to get everything feature complete and enterprise ready and before it is ready to be generally available. The work is progressing well. The demo below is only 16 minutes long, so won’t take up much of your time.
Final Word
I know how much pain changing SSL certificates is and the goal of vCert Manager is to take this pain away and provide a solution that makes it affordable for all vSphere environments to become more secure. I’d greatly appreciate your feedback on the vCert Manager beta demo. Your suggestions and feedback will help VSS Labs make vCert Manager a great product.
—
This post first appeared on the Long White Virtual Clouds blog at longwhiteclouds.com, by Michael Webster +. Copyright © 2013 – IT Solutions 2000 Ltd and Michael Webster +. All rights reserved. Not to be reproduced for commercial purposes without written permission.
Video – vCert Manager…
vCert Manager A massive area of pain for customers in a virtualized environment is managing SSL certificates and keys for components in the VMware stack. Currently under development, with a scheduled release in November 2012, the vCert Manager is a so…
[…] This post share from Michael Webster ”Long White Clouds – Automating vSphere SSL Cert Management – vCert Manager Beta Demo“ […]
Too bad VMware couldn't just bake this into vCenter as part of the product. Would make too much sense, wouldn't it?
But I will say that you and VSS Labs did a really good job here. Security should be this easy. 🙂
Ya, fundamental security like using trusted SSL certs should be not be a bolt-on product. If the OEM can't bake security right into the product, that OEM has a serious problem. It's really great VSS has taken on the challenge, and I'm eager to try it out. But we should all be asking, why did VMware make it so difficult in the first place to operate in a more secure manner and why does it just get worse (i.e. vSphere 5.1) and not easier?
To me VMware values pushing out new features far more than trying to secure the core product for everyone. Hypervisors are so fundamental to security that the vendor should make it nearly idiot proof to harden the subsystems, not require 30 pages of tedious steps that have a low success rate.
Ironically, I signed up to the early adopter program the day before I had a disastrous Easter weekend with a vCenter SSL cert on 5.1 (goodbye dbo.vpxaccess entries, hello VCDB restore) so this tool cannot come fast enough.
Even VMWare support is referencing this upcoming tool and waiting with anticipation 🙂
[…] you should view a demo of vCert Manager beta in my article Automating vSphere SSL Cert Management – vCert Manager Beta Demo. Then you can come back here for the comparison of what the new VMware Tool does. Also don’t […]