Like a lot of people I was quick to download and implement VMware vCenter Operations Manager 5 Enterprise when it became available. One of the great tools that is included in the suite is Virtual Infrastructure Navigator (VIN), which will discover and map all the dependencies and also DR protection status of VM’s in a linked mode group. However there is a bit of a gotcha if you want to use VIN and you also want to change the SSL Certs in vCenter and/or vSphere Web Client.
Simply put, if you install VIN prior to changing your SSL certs, it will cease to function and be completely broken. It will require that you delete the VIN instance and redeploy from scratch. Fortunately the rediscovery afterwards will fairly quickly get the inventory service mapping and dependencies back. But this is not great from an end user experience perspective. There is also no documented way to change the default self signed SSL cert on VIN itself. Given that VIN is a great tool for a secure environment to identify what services are where and connected to what I’m hoping it will work better in the future when SSL certificates are updated and that there is an easy process provided to update the VIN SSL cert.
If you want a way to fully manage the certificate lifecycle and replace certs automatically then you’ll want to check out vCert Manager – Changing VMware SSL Certs Made Easy. This will completely automate the SSL certificate process in vSphere environments.
This post first appeared on the Long White Virtual Clouds blog at longwhiteclouds.com, by Michael Webster +. Copyright © 2012 – IT Solutions 2000 Ltd and Michael Webster +. All rights reserved. Not to be reproduced for commercial purposes without written permission.