Archive

Archive for the ‘SSL’ Category

“nasty” SSL/SSO lab exerices – lab 2

January 24th, 2015 No comments

After lab 1 was done a small coffee break directly leads into lab 2 showing the students on how to check if a specific VMware certificate template was created.

Read more…

Categories: Homelab, SSL Tags:

Planning and building the “nasty” SSL/SSO lab – Part 3

January 18th, 2015 No comments

This time we will be setting up the vCenter Server for one of the lab sessions later. Since we intentionally want to break something we need a very specific procedure though.

Read more…

Categories: Homelab, SSL, SSO Tags:

Planning and building the “nasty” SSL/SSO lab – Part 2

January 4th, 2015 No comments

As indicated in the last post this one will deal with the actual install and setup of the lab infrastructure. We will need 4 VMs as the basic minimum configuration. So let’s start by building out the Domain Controller machine.

Read more…

Categories: Homelab, SSL Tags:

Planning and building the “nasty” SSL/SSO lab – Part 1

January 3rd, 2015 No comments

As promised I wanted to start a small series on the content I developed to internally train TSEs to better handle SSL and SSO cases in vCenter Server 5.5. The whole training went from a mere 1 hour presentation to a full 2 day course and could easily enough be extended by another set of lab exercises and adding different products. As there is no hands on lab for replacing SSL certificates yet

Read more…

Categories: Homelab, SSL Tags:

VMUG presentations 2014

December 24th, 2014 No comments

Christmas is the time for sharing and giving. As I have been rather busy in the past 2 months to share other content you can find 3 of my VMUG and customer day presentations. Especially since both themes recently came up on twitter as well.

Read more…

Categories: SSL, SSO Tags:

Replacing SSL certificates in a 5.1 and 5.5 mixed mode install

July 27th, 2014 No comments

After setting up those CAs in the last two posts it would be a shame to have them just sitting around. As I am quite often getting the question how to replace certificates in an environment that is leveraging SSO 5.5 with vCenter 5.1 still in place the CA will be the perfect opportunity to demonstrate the process.

Read more…

Categories: SSL Tags:

Setting up a small lab CA on Windows 2012 R2 for vSphere certificate replacement

July 27th, 2014 No comments


Sure I can, so let’s go. Same assumptions as in the last post, this is not intended to be secure or anything, it should just serve the purpose of being easy to setup and work out of the box while being able to create certificates with Derek Seaman’s SSL toolkit, which should also be the requirement for the VSS Labs vCert Manager, and create vSphere basic stack compliant certificates.

Read more…

Categories: Homelab, SSL Tags:

Setting up a small lab CA on Windows 2008 R2 for vSphere certificate replacement

July 27th, 2014 No comments

Derek Seaman has done a great job describing on how to create a template for VMware View on 2008 and how to set up an intermediate CA structure in Windows Server 2012R2.

I tried going through the latter and found the procedure pretty elaborate for my own lab purposes so I thought about setting up a CA that still will work with his SSL toolkit but would be set up in about 10 minutes.

Read more…

Categories: Homelab, SSL Tags:

Changing the host name of vCenter Server 5.5 without reinstalling

June 1st, 2014 4 comments

And another twitter request that leads up to some experimenting of what you can do without relying on the installer.

Challenge accepted. The victim VC will be my own lab environment VC so this better works in the end. Additional information was provided by Jason which would make this procedure possible, the vCenter Server was a self contained instance without running any dependencies from the upper stack.

DisclaimerThis is not a tested or officially approved procedure by VMware at any means, use at your own risks, don’t come to me complaining if everything breaks, DO A BACKUP! The proper way would be a reinstall of the binary packages against existing databases.

Read more…

Categories: Homelab, SSL, SSO Tags:

vCert Manager – Installation

May 11th, 2014 No comments

As Michael Webster pointed out on twitter vExperts have the possibility to test out the vCert Manager from VSS Labs.

After a little back and forth with Michael due to some email issues I finally received the download and test license last week.

This will be a short series on how to install the product, integrate it with a Windows CA, request, extend and replace certificates for hosts and vCenter Server components and finally see if it actually can solve my “nasty” lab in which I pretty much reproduced every customer issue that I ran into so far in one single VM.

Unlike mentioned on the VSS Labs website the tool can actually cope with vCenter Server and ESXi 5.5.

Read more…

Categories: Homelab, SSL Tags: