vCenter Plugins, SSL certificates, ExtensionManager and Powershell – what more could you want for Christmas?

I was recently working in a lab environment trying to register the vCenter Operations 5.6 virtual appliance into a vCenter Virtual Appliance environment. As a standard practice I like to issue CA signed certificates to everything — even in a lab environment — so I’ll know what to expect in production.

Even after replacing the SSL certificate (here are some instructions on that process: http://www.bussink.ch/?p=458) you’ll still get an SSL warning because the plugin is registered by IP address instead of DNS name. There is another great article here: http://www.vstable.com/2012/04/02/vcenter-operations-5-x-vcenter-plugin-uses-ip-instead-of-dns-hostname/ that includes a two step process to resolve the warnings.

Step 1 is easy and very straight forward…you use vi or some other text editor to update a file on the UI virtual appliance. The second step is a little more challenging because I’m working with the vCenter Virtual Appliance and the embedded database, making the required database changes a bit tougher. Since the article described where to find this value in the Managed Object Browser, I figured I could find and update it from PowerCLI.

1
2
3
4
$exMgr = Get-View ExtensionManager
$vcops = $exMgr.ExtensionList | ?{$_.key -eq 'com.vmware.vcops'}
$vcops.Server[0].Url = "https://vcops-ui/vcops-vsphere/viClientConfig.xml"
$exMgr.UpdateExtension($vcops)

This code is fairly straightforward.
Line 1: Use Get-View to connect to the ExtensionManager where vSphere plugins are registered.
Line 2: Find the vCOps plugin and make a copy of all the properties to a variable called $vcops.
Line 3: Update only the Server URL to use a name instead of an IP address
Line 4: Use the ExtensionManager connection from line 1 to write the updated $vcops extension back to vCenter

A refresh of the MOB shows that this updated value is immediately available — even without a restart of the vCenter Service.

Leave a Reply

Your email address will not be published. Required fields are marked *


*

Notify me of followup comments via e-mail. You can also subscribe without commenting.