Home > Homelab, SSL > vCert Manager – Installation

vCert Manager – Installation

As Michael Webster pointed out on twitter vExperts have the possibility to test out the vCert Manager from VSS Labs.

After a little back and forth with Michael due to some email issues I finally received the download and test license last week.

This will be a short series on how to install the product, integrate it with a Windows CA, request, extend and replace certificates for hosts and vCenter Server components and finally see if it actually can solve my “nasty” lab in which I pretty much reproduced every customer issue that I ran into so far in one single VM.

Unlike mentioned on the VSS Labs website the tool can actually cope with vCenter Server and ESXi 5.5.

Hardware requirements listed are not too high as well. The software is split into an application web front end and a database back end (MSSQL).

The front end requires at least 2.8 GHz dual core CPU, 2GB Ram (3 recommended) and 300MB disk space. Database server requirements are pretty much standard with MSSQL Express being supported as well.

Supported host operating systems include Windows Server 2008 and 2008 R2 as well as 2012.

Additionally the the installation requires IIS with ASP.NET feature and .NET Framework 4.5 to be installed.

So let’s start by installing the prerequisites.

Capture

I started by downloading the official .NET Framework from the Microsoft Website and continued by adding the Web Server role to my Windows Server 2008 R2 which also hosts my vCenter Server. Be sure to add ASP.NET as a feature as well during the wizard.

Capture2

As far as database preparation goes I added my domain administrator (yes I know but this is a lab…) as sysadmin to the existing MSSQL Express 2008 R2 instance of vCenter Server. This way I can rely on the installer to pick everything up correctly and create the database for me.

Capture9

Due to vCenter Server being installed on this system I need one more configuration change to IIS before I can continue as there will be a race condition happening to grab port 80 which is easily avoidable by simply reconfiguring the default website binding in IIS.

Capture3

At this point we are ready to fire up the installer and accept the license agreement. After this we need to provide 2 accounts which need access to the database service, you are free to choose either built in system accounts here or specific service accounts.

Capture5

The next screen will let you configure the database settings. Be sure to have the database precreated and having “dbowner” rights on that database when you are not using an account with the “sysadmin” role. If you do the installer will create the database for you.

Capture6

The next windows will let you choose the installation path and knowing installers I usually tend to stick to the default there. If everything goes according to plan you should be seeing the following screen.

Capture7

A short look into the MSSQL database shows that indeed everything got created as expected.

Capture8

When trying to login by browsing to http://localhost:8055 I got greeted by the following error message.

Capture10

Looks like I forgot to do something with the ASP.NET packet and yep the installer handbook actually points out that you will need to register it to IIS.

Capture11

A restart of the IIS service later I got greeted by the following screen instead which completes this installation post 🙂

Capture12

Categories: Homelab, SSL Tags: