Setup Failed To Generate The Ssl Keys Vmware

by

Setup failed to generate the SSL keys necessary to run VMware Server. Click Ok to cancel this installation. 安装的具体版本如下: 我的解决办法,有点曲折,仅供参考; 找到Vmware的历史版本 VMware pro 12 ,成功安装,避免了报错。具体安装出错原因并未深入研究(可留言);.

This article explains how to install SSL certificates on your ESXi machine & vCenter for browser compatibility.

First, on your Linux server, generate SSL certificate as explained below.

This will generate both private key and csr file. If you are generating certificate for multiple hosts, create separate directory for each host.

The above command will generate the following two files:

  • rui.key – Private key for this host
  • rui.csr – Certificate signing request file

For detailed steps, refer to how to generate SSL certificate article.

Use an sFTP Client (for example, winSCP) to download the directories you created to your workstation (c:temp). These files then can be used to generate .cer file (certificate) which can be installed on ESXi. Move the .cer to the same directory as the .key to your workstation C:tempyour-esx-hostname

Install Certificates on ESXi

1. Put the host in maintenance mode.

2. Backup the old certificates.

3. Copy the new certificate and key. Open vCLI. Start > All Programs > VMware > VMware vSphere CLI > Command Prompt, and execute the following:

4. Reload the certificate. Login to DCUI Select Troubleshooting Options -> Select Restart Management Agents. Or, you can just reboot the host to reload the certificate.

5. Cleanup: Remove the backup from C:temp on your workstation. Remove the tmp directory from the linux server. Exit maintenance mode.

Finally, verify your certificate: Connect to the host with a web browser. You should not see any certificate errors. Click the “Lock” icon and select “view certificate”. Check the “valid from” date to ensure everything correct date.

Install Certificates on Your vCenter

1. Generate the CSR and the private key using the same steps outlined above using the Linux server. Replace ESX hostname with the vcenter hostname.

2. Use an sFTP Client (for example, winSCP) to download the directories you created to your workstation (c:temp)

3. These files then can be used to generate .cer file (certificate) which can be installed on vcenter. Move the .cer to the same directory as the .key to your workstation C:tempyour-esx-hostname

4. The .cer file which is generated must be uploaded back to the Linux which is used to generate the PFX file.

5. Using WinSCP, upload the .cer to the /tmp/ directory of the server.

Setup Failed To Generate The Ssl Keys Vmware Server

6. SSH into the host, and do the following:

First, rename the certificate.

Next, generate PFX using openssl command:

Verify your PFX file. Enter “testpassword” whenever it prompts for a password. It may ask for the password more than once. If you see certificate details, the PFX has been generated correctly.

7. SCP rui.cer and rui.pfx file back to your workstation C:temp

8. This directory C:temp should now contain 3 files: rui.key, rui.crt, and rui.pfx

9. RDP into the vCenter Server, and go to: %programdata%VMwareVMware VirtualCenterSSL

10. Create a new folder called “Backup” and move the existing rui.key, rui.pfx, and rui.crt to the Backup folder. Repeat for Inventory Services Certificates: E:Program Files (x86)VMwareInfrastructureVirtualCenter ServerInventory Servicessl

11. Copy rui.pfx, rui.crt, and rui.key from your workstation to the following directories on the vCenter Server.

  • %programdata%VMwareVMware VirtualCenterSSL
  • E:Program Files (x86)VMwareInfrastructureVirtualCenter ServerInventory Servicessl

12. Open a web browser on the vCenter Server and go to: http://localhost/mob/?moid=vpxd-securitymanager&vmodl=1

Setup Failed To Generate The Ssl Keys Vmware Server

  • Click on reloadSSLCertificate
  • Click on Invoke Method
  • It should return void
  • Close the browser

13. To verify the certificate, open a web browser and enter the URL of the vCenter Server. There should be no certificate warnings.

14. Finally, to Cleanup the old certificates, do the following:

  • On the vCenter Server, browse to: %ALLUSERSPROFILE%Application DataVMwareVMware VirtualCenter
  • Open vpxd.cfg in wordpad.
  • Change the value of to false
  • Save and close the file.
  • Restart the vCenter Service:
  • Start > Administrative Tools > Services
  • Click on VMware VirtualCenter Server
  • Click Restart
  • Remove the backup from C:temp.
  • Remove the tmp directory from the Linux server.
> Add your comment

If you enjoyed this article, you might also like..

Setup failed to generate the ssl keys vmware server

Next post: How to Automate Tasks using Grunt Contrib Watch Example (Automatic CSS Minification Example using Grunt)

Previous post: How to Install Linux KVM and Create Guest VM with Examples