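VMware cluster inaccessible: certificates expired

Error:

HTTP状态 500 - 内部服务器错误 (HTTP Status 500 - Internal Server Error)

Cause: service-control --start vmware-vpxd fails to start the vpxd service.

Looking into the underlying cause shows that the certificates have expired.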

root@localhost [ ~ ]# service-control --start vmware-vpxd

Operation not cancellable. Please wait for it to finish...

Performing start operation on service vpxd...

Error executing start on service vpxd. Details {

  "resolution": null,

  "detail": [

    {

      "translatable": "An error occurred while starting service '%(0)s'",

      "localized": "An error occurred while starting service 'vpxd'",

      "args": [

        "vpxd"

      ],

      "id": "install.ciscommon.service.failstart"

    }

  ],

  "problemId": null,

  "componentKey": null

}

Service-control failed. Error: {

  "resolution": null,

  "detail": [

    {

      "translatable": "An error occurred while starting service '%(0)s'",

      "localized": "An error occurred while starting service 'vpxd'",

      "args": [

        "vpxd"

      ],

      "id": "install.ciscommon.service.failstart"

    }

  ],

  "problemId": null,

  "componentKey": null

}

cat /var/log/vmware/sca/sca.log

com.vmware.vim.vmomi.core.exception.CertificateValidationException: Server certificate chain is not trusted

Log in to the vCenter appliance and check the certificate expiry dates:

root@localhost [ ~ ]# for i in $(/usr/lib/vmware-vmafd/bin/vecs-cli store list); do echo STORE $i; sudo /usr/lib/vmware-vmafd/bin/vecs-cli entry list --store $i --text | egrep "Alias|Not After"; done

STORE MACHINE_SSL_CERT

Alias : __MACHINE_CERT

            Not After : May  9 07:33:16 2023 GMT

STORE TRUSTED_ROOTS

Alias : e09cebe9d04da849d3bca621db2ea698fd64e652

            Not After : May  4 07:26:41 2023 GMT

Alias : 0104dc7a7afa5004498ee631992e0e96a88671eb

            Not After : May  4 07:43:15 2023 GMT

STORE TRUSTED_ROOT_CRLS

Alias : 511b76b2e2e6386d2099d9aaf9843d66b1fbc8aa

Alias : 1332df98c6c8aaa33c237fccc5401e27c2abb2e4

STORE machine

Alias : machine

            Not After : May  9 07:36:52 2023 GMT

STORE vsphere-webclient

Alias : vsphere-webclient

            Not After : May  9 07:36:54 2023 GMT

STORE vpxd

Alias : vpxd

            Not After : May  9 07:36:54 2023 GMT

STORE vpxd-extension

Alias : vpxd-extension

            Not After : May  9 07:36:56 2023 GMT

STORE hvc

Alias : hvc

            Not After : May  9 07:36:58 2023 GMT

STORE data-encipherment

Alias : data-encipherment

            Not After : May  4 07:26:41 2023 GMT

STORE APPLMGMT_PASSWORD

STORE SMS

Alias : sms_self_signed

            Not After : May  9 07:31:32 2023 GMT

STORE wcp

Alias : wcp

            Not After : May  9 07:36:58 2023 GMT

STORE BACKUP_STORE

Alias : bkp___MACHINE_CERT

            Not After : May  9 19:26:41 2023 GMT

Alias : bkp_machine

            Not After : May  4 07:26:41 2033 GMT

Alias : bkp_vsphere-webclient

            Not After : May  4 07:26:41 2023 GMT

Alias : bkp_vpxd

            Not After : May  4 07:26:41 2023 GMT

Alias : bkp_vpxd-extension

            Not After : May  4 07:26:41 2023 GMT

Alias : bkp_hvc

            Not After : May  4 07:26:41 2023 GMT

Alias : bkp_wcp

            Not After : May  4 07:26:41 2023 GMT

Resolution steps:

root@localhost [ ~ ]#  /usr/lib/vmware-vmca/bin/certificate-manager

         _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _

        |                                                                     |

        |      *** Welcome to the vSphere 6.8 Certificate Manager  ***        |

        |                                                                     |

        |                   -- Select Operation --                            |

        |                                                                     |

        |      1. Replace Machine SSL certificate with Custom Certificate     |

        |                                                                     |

        |      2. Replace VMCA Root certificate with Custom Signing           |

        |         Certificate and replace all Certificates                    |

        |                                                                     |

        |      3. Replace Machine SSL certificate with VMCA Certificate       |

        |                                                                     |

        |      4. Regenerate a new VMCA Root Certificate and                  |

        |         replace all certificates                                    |

        |                                                                     |

        |      5. Replace Solution user certificates with                     |

        |         Custom Certificate                                          |

        |         NOTE: Solution user certs will be deprecated in a future    |

        |         release of vCenter. Refer to release notes for more details.|

        |                                                                     |

        |      6. Replace Solution user certificates with VMCA certificates   |

        |                                                                     |

        |      7. Revert last performed operation by re-publishing old        |

        |         certificates                                                |

        |                                                                     |

        |      8. Reset all Certificates                                      |

        |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _|

Note : Use Ctrl-D to exit.

Option[1 to 8]: 8

Do you wish to generate all certificates using configuration file : Option[Y/N] ? : Y

Please provide valid SSO and VC privileged user credential to perform certificate operations.

Enter username [Administrator@vsphere.local]:

Enter password:

Please configure certool.cfg with proper values before proceeding to next step.

Press Enter key to skip optional parameters or use Default value.

Enter proper value for 'Country' [Default value : US] :

Enter proper value for 'Name' [Default value : CA] :

Enter proper value for 'Organization' [Default value : VMware] :

Enter proper value for 'OrgUnit' [Default value : VMware Engineering] :

Enter proper value for 'State' [Default value : California] :

Enter proper value for 'Locality' [Default value : Palo Alto] :

Enter proper value for 'IPAddress' (Provide comma separated values for multiple IP addresses) [optional] : 10.10.10.10

Enter proper value for 'Email' [Default value : email@acme.com] :

Enter proper value for 'Hostname' (Provide comma separated values for multiple Hostname entries) [Enter valid Fully Qualified Domain Name(FQDN), For Example : example.domain.com] : vsphere.local

Enter proper value for VMCA 'Name' :vsphere.local

Continue operation : Option[Y/N] ? : Y

You are going to reset by regenerating Root Certificate and replace all certificates using VMCA

Continue operation : Option[Y/N] ? : Y

Get site nameCompleted [Reset Machine SSL Cert...]                 

default-site

Lookup all services

Updated 43 service(s)

Status : 60% Completed [Reset vpxd-extension Cert...]                    

2023-05-10T07:46:56.882Z  Updating certificate for "com.vmware.vim.eam" extension

2023-05-10T07:46:57.296Z  Updating certificate for "com.vmware.rbd" extension

2023-05-10T07:46:57.693Z  Updating certificate for "com.vmware.imagebuilder" extension

Reset status : 100% Completed [Reset completed successfully]        

                  

root@localhost [ ~ ]# service-control --start --all

Operation not cancellable. Please wait for it to finish...

Performing start operation on service lwsmd...

Successfully started service lwsmd

Performing start operation on service vmafdd...

Successfully started service vmafdd

Performing start operation on service vmdird...

Successfully started service vmdird

Performing start operation on service vmcad...

Successfully started service vmcad

Performing start operation on profile: ALL...

Successfully started profile: ALL.

Performing start operation on service observability...

Successfully started service observability

Performing start operation on service vmware-vdtc...

Successfully started service vmware-vdtc

Performing start operation on service vmware-pod...

Service vmware-pod startup type is not automatic. Skip

Check the new certificates:

root@localhost [ ~ ]# for i in $(/usr/lib/vmware-vmafd/bin/vecs-cli store list); do echo STORE $i; sudo /usr/lib/vmware-vmafd/bin/vecs-cli entry list --store $i --text | egrep "Alias|Not After"; done

STORE MACHINE_SSL_CERT

Alias : __MACHINE_CERT

            Not After : May  9 07:33:16 2025 GMT

STORE TRUSTED_ROOTS

Alias : e09cebe9d04da849d3bca621db2ea698fd64e652

            Not After : May  4 07:26:41 2031 GMT

Alias : 0104dc7a7afa5004498ee631992e0e96a88671eb

            Not After : May  4 07:43:15 2033 GMT

STORE TRUSTED_ROOT_CRLS

Alias : 511b76b2e2e6386d2099d9aaf9843d66b1fbc8aa

Alias : 1332df98c6c8aaa33c237fccc5401e27c2abb2e4

STORE machine

Alias : machine

            Not After : May  9 07:36:52 2025 GMT

STORE vsphere-webclient

Alias : vsphere-webclient

            Not After : May  9 07:36:54 2025 GMT

STORE vpxd

Alias : vpxd

            Not After : May  9 07:36:54 2025 GMT

STORE vpxd-extension

Alias : vpxd-extension

            Not After : May  9 07:36:56 2025 GMT

STORE hvc

Alias : hvc

            Not After : May  9 07:36:58 2025 GMT

STORE data-encipherment

Alias : data-encipherment

            Not After : May  4 07:26:41 2031 GMT

STORE APPLMGMT_PASSWORD

STORE SMS

Alias : sms_self_signed

            Not After : May  9 07:31:32 2031 GMT

STORE wcp

Alias : wcp

            Not After : May  9 07:36:58 2025 GMT

STORE BACKUP_STORE

Alias : bkp___MACHINE_CERT

            Not After : May  9 19:26:41 2023 GMT

Alias : bkp_machine

            Not After : May  4 07:26:41 2031 GMT

Alias : bkp_vsphere-webclient

            Not After : May  4 07:26:41 2031 GMT

Alias : bkp_vpxd

            Not After : May  4 07:26:41 2031 GMT

Alias : bkp_vpxd-extension

            Not After : May  4 07:26:41 2031 GMT

Alias : bkp_hvc

            Not After : May  4 07:26:41 2031 GMT

Alias : bkp_wcp

            Not After : May  4 07:26:41 2031 GMT
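
The renewed certificates listed above expire again in May 2025, so the same listing is worth checking on a schedule rather than after vpxd fails to start. The following Python script is an added example, not part of the original post or a VMware tool: it parses the output of the vecs-cli loop and labels each entry EXPIRED, EXPIRING or OK. The function names, the 30-day warning window, the choice to skip BACKUP_STORE and the embedded sample are assumptions made for illustration.

```python
import re
import sys
from datetime import datetime, timedelta, timezone

# Line shapes emitted by the vecs-cli loop: STORE / Alias / Not After.
STORE_RE = re.compile(r"^STORE\s+(\S+)")
ALIAS_RE = re.compile(r"^\s*Alias\s*:\s*(\S+)")
NOT_AFTER_RE = re.compile(r"^\s*Not After\s*:\s*(.+?)\s+GMT\s*$")

def parse_vecs_listing(text):
    """Return (store, alias, not_after) tuples; entries without a date (CRLs) are skipped."""
    entries, store, alias = [], None, None
    for line in text.splitlines():
        store_m, alias_m, date_m = (r.match(line) for r in (STORE_RE, ALIAS_RE, NOT_AFTER_RE))
        if store_m:
            store, alias = store_m.group(1), None
        elif alias_m:
            alias = alias_m.group(1)
        elif date_m and store and alias:
            when = datetime.strptime(date_m.group(1), "%b %d %H:%M:%S %Y")
            entries.append((store, alias, when.replace(tzinfo=timezone.utc)))
            alias = None
    return entries

def expiry_report(text, now, warn_days=30, skip_stores=("BACKUP_STORE",)):
    """Classify each entry as EXPIRED, EXPIRING or OK relative to `now` (UTC)."""
    report = []
    for store, alias, not_after in parse_vecs_listing(text):
        if store in skip_stores:  # assumption: backup copies of replaced certs may be stale
            continue
        left = not_after - now
        status = ("EXPIRED" if left <= timedelta(0)
                  else "EXPIRING" if left <= timedelta(days=warn_days) else "OK")
        report.append((status, store, alias, not_after))
    return report

# Constructed sample in the layout of the listing above (not real output).
SAMPLE = """STORE MACHINE_SSL_CERT
Alias : __MACHINE_CERT
            Not After : May  9 07:33:16 2025 GMT
STORE TRUSTED_ROOT_CRLS
Alias : 0000000000000000000000000000000000000000
STORE vpxd
Alias : vpxd
            Not After : Apr 20 07:36:54 2025 GMT
STORE BACKUP_STORE
Alias : bkp_vpxd
            Not After : May  4 07:26:41 2023 GMT
"""

if __name__ == "__main__":
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    for status, store, alias, not_after in expiry_report(text, datetime.now(timezone.utc)):
        print(f"{status:8} {store:18} {alias:18} {not_after:%Y-%m-%d}")
```

Save the loop output to a file on the appliance and pass its path as the first argument; without an argument the script runs on the constructed sample.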

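Update the vCenter STS certificate

Download the files checksts.py and fixsts.sh from the official website.

Use an FTP tool to transfer them to the tmp folder on the vCenter appliance (you can create a new folder there).

Connect to the vCenter appliance with Xshell.

Change to the tmp directory with cd /tmp, then run ls to list the files in it.

Run checksts.py with python checksts.py; when it finishes, it shows whether the STS certificate has expired and when it expires.

Add execute permission: chmod +x fixsts.sh

Run the update script with ./fixsts.sh; once it completes, log in to vCenter and check whether the certificate has been updated.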

