root @localhost [ ~ ]# /usr/lib/vmware-vmca/bin/certificate-manager _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ | | | *** Welcome to the vSphere 6.8 Certificate Manager *** | | | | -- Select Operation -- | | | | 1 . Replace Machine SSL certificate with Custom Certificate | | | | 2 . Replace VMCA Root certificate with Custom Signing | | Certificate and replace all Certificates | | | | 3 . Replace Machine SSL certificate with VMCA Certificate | | | | 4 . Regenerate a new VMCA Root Certificate and | | replace all certificates | | | | 5 . Replace Solution user certificates with | | Custom Certificate | | NOTE: Solution user certs will be deprecated in a future | | release of vCenter. Refer to release notes for more details.| | | | 6 . Replace Solution user certificates with VMCA certificates | | | | 7 . Revert last performed operation by re-publishing old | | certificates | | | | 8 . Reset all Certificates | |_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _| Note : Use Ctrl-D to exit. Option[ 1 to 8 ]: 8 Do you wish to generate all certificates using configuration file : Option[Y/N] ? : Y Please provide valid SSO and VC privileged user credential to perform certificate operations. Enter username [Administrator @vsphere .local]: Enter password: Please configure certool.cfg with proper values before proceeding to next step. Press Enter key to skip optional parameters or use Default value. Enter proper value for 'Country' [Default value : US] : Enter proper value for 'Name' [Default value : CA] : Enter proper value for 'Organization' [Default value : VMware] : Enter proper value for 'OrgUnit' [Default value : VMware Engineering] : Enter proper value for 'State' [Default value : California] : Enter proper value for 'Locality' [Default value : Palo Alto] : Enter proper value for 'IPAddress' (Provide comma separated values for multiple IP addresses) [optional] : 10.10 . 10.10 Enter proper value for 'Email' [Default value : email @acme .com] : Enter proper value for 'Hostname' (Provide comma separated values for multiple Hostname entries) [Enter valid Fully Qualified Domain Name(FQDN), For Example : example.domain.com] : vsphere.local Enter proper value for VMCA 'Name' :vsphere.local Continue operation : Option[Y/N] ? : Y You are going to reset by regenerating Root Certificate and replace all certificates using VMCA Continue operation : Option[Y/N] ? : Y Get site nameCompleted [Reset Machine SSL Cert...] default -site Lookup all services Get service default -site:8d7d9dfe-a8a5- 4239 -98dd-11450c29e372 Update service default -site:8d7d9dfe-a8a5- 4239 -98dd-11450c29e372; spec: /tmp/svcspec_ofokwzjb Get service default -site:7cce27d9- 2054 -42de-88d0-18e6dda92974 Update service default -site:7cce27d9- 2054 -42de-88d0-18e6dda92974; spec: /tmp/svcspec_o33jb36v Get service default -site:b2989b91-cc7f-46fc- 9329 -51633c227544 Update service default -site:b2989b91-cc7f-46fc- 9329 -51633c227544; spec: /tmp/svcspec_hg_3lbrr Get service 215a0ae7-f36c-4feb-a91b-64f542f10737 Update service 215a0ae7-f36c-4feb-a91b-64f542f10737; spec: /tmp/svcspec_0g9aitb9 Get service 9913dd5a-29d9- 4944 - 9023 -b36a7f3f9aab Update service 9913dd5a-29d9- 4944 - 9023 -b36a7f3f9aab; spec: /tmp/svcspec_p3wa5u5o Get service f55500bf-673b-41aa-bd4f-44cc4db2fe0a_com.vmware.vsphere.client Don't update service f55500bf-673b-41aa-bd4f-44cc4db2fe0a_com.vmware.vsphere.client Get service 083c382b-410e- 4068 -8f3f-46a6f384aabb_kv Update service 083c382b-410e- 4068 -8f3f-46a6f384aabb_kv; spec: /tmp/svcspec_9_qw87q7 Get service a7b5290e-bdab-4b5f-835e-0e72025aec34 Update service a7b5290e-bdab-4b5f-835e-0e72025aec34; spec: /tmp/svcspec_z6vwsink Get service 95d64ba2-42e2-41eb-a999-9b5b529c59c8 Update service 95d64ba2-42e2-41eb-a999-9b5b529c59c8; spec: /tmp/svcspec_impoxn0n Get service af5ed366-41cf-42d0-8e4f-beae28ec85f1 Update service af5ed366-41cf-42d0-8e4f-beae28ec85f1; spec: /tmp/svcspec_1yg0oc6w Get service f3163235- 3656 - 4761 -84aa-47f62508af07 Update service f3163235- 3656 - 4761 -84aa-47f62508af07; spec: /tmp/svcspec_0ovp2qfp Get service c2c8bdc3-d12f-4ba4-9d46-ae02a3c84422 Don't update service c2c8bdc3-d12f-4ba4-9d46-ae02a3c84422 Get service 41c3a8d4-6fc2- 4681 -8ea2-11c04e38251d Update service 41c3a8d4-6fc2- 4681 -8ea2-11c04e38251d; spec: /tmp/svcspec_lbsneeph Get service 93aa8809-30dc- 4420 -ad6f-992274b208fc Update service 93aa8809-30dc- 4420 -ad6f-992274b208fc; spec: /tmp/svcspec__dpslmx_ Get service d34464b3-8d33- 4666 -952b-12f86993dff9 Update service d34464b3-8d33- 4666 -952b-12f86993dff9; spec: /tmp/svcspec_ix7p0ix2 Get service 59be3a84-a8d1-43f7-a438-f96b05cd293f Update service 59be3a84-a8d1-43f7-a438-f96b05cd293f; spec: /tmp/svcspec_fzr_0wzy Get service b5857733-e43c-45a2-9eea-ffe828e342e5 Update service b5857733-e43c-45a2-9eea-ffe828e342e5; spec: /tmp/svcspec_13838hnp Get service f4476059-f338-49e0-b593-bdbed7924b9f Update service f4476059-f338-49e0-b593-bdbed7924b9f; spec: /tmp/svcspec_heu48h53 Get service 5cd17d52-143e-4f94-bdc9-460395aa2788 Update service 5cd17d52-143e-4f94-bdc9-460395aa2788; spec: /tmp/svcspec_h44reiwc Get service eb4088cb-587c-462f-ae74-dee39ecd2d81 Update service eb4088cb-587c-462f-ae74-dee39ecd2d81; spec: /tmp/svcspec_n3bn7nac Get service 77a8311e-f84b-4f6a-85af-5aad7410d07f Update service 77a8311e-f84b-4f6a-85af-5aad7410d07f; spec: /tmp/svcspec_4uagg_qw Get service 961ed673- 2103 - 4389 -a3ff-15fe1136c1c8 Update service 961ed673- 2103 - 4389 -a3ff-15fe1136c1c8; spec: /tmp/svcspec_ama3feqa Get service dbc775d9-a14d-4c52-ab0f-04adc7f4e64e Update service dbc775d9-a14d-4c52-ab0f-04adc7f4e64e; spec: /tmp/svcspec_s28drpmn Get service 510feef8-19c7-4a8e-8b6f-81b20b391338 Update service 510feef8-19c7-4a8e-8b6f-81b20b391338; spec: /tmp/svcspec_n3phr010 Get service c4e34b09- 0335 -470e-a2cd-3fc032957b4c Update service c4e34b09- 0335 -470e-a2cd-3fc032957b4c; spec: /tmp/svcspec_ffb4f7ea Get service 721a3bc4-ecc8-4e0e- 8403 -1fd44e84e8cc Update service 721a3bc4-ecc8-4e0e- 8403 -1fd44e84e8cc; spec: /tmp/svcspec_g2yil2u2 Get service 5989812c-590d-44cb-bc3a-8172ea0fa85f Update service 5989812c-590d-44cb-bc3a-8172ea0fa85f; spec: /tmp/svcspec_57e17tya Get service 083c382b-410e- 4068 -8f3f-46a6f384aabb Update service 083c382b-410e- 4068 -8f3f-46a6f384aabb; spec: /tmp/svcspec_5l0hyjrf Get service 5445743e-ca86-4e7a-85fc-106198e3a590 Update service 5445743e-ca86-4e7a-85fc-106198e3a590; spec: /tmp/svcspec_jqs60mmd Get service 471ca192-a964- 4346 -9f1b-8a89c9684567 Update service 471ca192-a964- 4346 -9f1b-8a89c9684567; spec: /tmp/svcspec_x4joob3k Get service eafc231a- 0493 -4d9f- 9351 -99c204ffc715 Update service eafc231a- 0493 -4d9f- 9351 -99c204ffc715; spec: /tmp/svcspec_j1ln95s5 Get service bf973dfe- 0161 - 4543 -befc-04fc23d1a1d1 Update service bf973dfe- 0161 - 4543 -befc-04fc23d1a1d1; spec: /tmp/svcspec_f6ia8c_t Get service 7a5d1b63-e0f6-4eb1-8c99-2d1ffabf278b Update service 7a5d1b63-e0f6-4eb1-8c99-2d1ffabf278b; spec: /tmp/svcspec_udegb3_c Get service a3695900-ee1c- 4494 -9f2b-351b963cffa3 Update service a3695900-ee1c- 4494 -9f2b-351b963cffa3; spec: /tmp/svcspec_3456cofm Get service 5b00a6a9-efa7- 4844 - 8144 -4b1e5f9d3fcc Update service 5b00a6a9-efa7- 4844 - 8144 -4b1e5f9d3fcc; spec: /tmp/svcspec_akqdsizn Get service 29f0ad2a-2d18- 4744 -8cdb-31b50764cbee Update service 29f0ad2a-2d18- 4744 -8cdb-31b50764cbee; spec: /tmp/svcspec_482hrta2 Get service 29cbc4aa- 8893 - 4922 -afff-649cc25a6423 Update service 29cbc4aa- 8893 - 4922 -afff-649cc25a6423; spec: /tmp/svcspec_3hrq76o2 Get service 10e1363e-ef1d-47f0-b0b6-6cab7e37d144 Update service 10e1363e-ef1d-47f0-b0b6-6cab7e37d144; spec: /tmp/svcspec_7zpp8yk9 Get service b7ef48d7-c124-45e8-8d22-b850349027e2 Update service b7ef48d7-c124-45e8-8d22-b850349027e2; spec: /tmp/svcspec_1s0nxvd4 Get service 3ab8929e-91c8-42dc-aa31-786c45309610 Update service 3ab8929e-91c8-42dc-aa31-786c45309610; spec: /tmp/svcspec_ti3j2mgb Get service 77e6dcf0- 5007 -42ff-b3be-3d496c6dc8b6 Update service 77e6dcf0- 5007 -42ff-b3be-3d496c6dc8b6; spec: /tmp/svcspec_97989zbp Get service f55500bf-673b-41aa-bd4f-44cc4db2fe0a Update service f55500bf-673b-41aa-bd4f-44cc4db2fe0a; spec: /tmp/svcspec_1z9un83v Get service 083c382b-410e- 4068 -8f3f-46a6f384aabb_authz Update service 083c382b-410e- 4068 -8f3f-46a6f384aabb_authz; spec: /tmp/svcspec_k_f9rf40 Get service 27a701a9-9b7b- 4072 -9ca8-a6695934395a Update service 27a701a9-9b7b- 4072 -9ca8-a6695934395a; spec: /tmp/svcspec_aut8vpy6 Get service 3cc88284-b45c-48cd-8be1-f8d7bf53c2c3 Update service 3cc88284-b45c-48cd-8be1-f8d7bf53c2c3; spec: /tmp/svcspec_fov0u_6x Get service f55500bf-673b-41aa-bd4f-44cc4db2fe0a_com.vmware.lcm.client Don't update service f55500bf-673b-41aa-bd4f-44cc4db2fe0a_com.vmware.lcm.client Get service f55500bf-673b-41aa-bd4f-44cc4db2fe0a_com.vmware.cloud.provider.services.plugin Don't update service f55500bf-673b-41aa-bd4f-44cc4db2fe0a_com.vmware.cloud.provider.services.plugin Get service f55500bf-673b-41aa-bd4f-44cc4db2fe0a_com.vmware.vcenter.wcp Don't update service f55500bf-673b-41aa-bd4f-44cc4db2fe0a_com.vmware.vcenter.wcp Updated 43 service(s) Status : 60 % Completed [Reset vpxd-extension Cert...] 2023 - 05 -10T07: 46 : 56 .882Z Updating certificate for "com.vmware.vim.eam" extension 2023 - 05 -10T07: 46 : 57 .296Z Updating certificate for "com.vmware.rbd" extension 2023 - 05 -10T07: 46 : 57 .693Z Updating certificate for "com.vmware.imagebuilder" extension Reset status : 100 % Completed [Reset completed successfully] root @localhost [ ~ ]# service-control --start --all Operation not cancellable. Please wait for it to finish... Performing start operation on service lwsmd... Successfully started service lwsmd Performing start operation on service vmafdd... Successfully started service vmafdd Performing start operation on service vmdird... Successfully started service vmdird Performing start operation on service vmcad... Successfully started service vmcad Performing start operation on profile: ALL... Successfully started profile: ALL. Performing start operation on service observability... Successfully started service observability Performing start operation on service vmware-vdtc... Successfully started service vmware-vdtc Performing start operation on service vmware-pod... Service vmware-pod startup type is not automatic. Skip |