vSphere 6.x SSL Trust Anchors

In vSphere 6.x all services and components have Service Registration details recorded in the VMware Directory Service of the Platform Services Controller.

Each Service Registration can contain one or more Endpoint entries.

Each Endpoint may contain an SSL Trust value.

The SSL Trust value must always match the current Machine SSL certificate of the PSC or VC or Embedded node it refers to.

If you use the Certificate-Manager from 6.0 U1b or later – the tool will take care of updating these entries. If you replace the Machine SSL manually or have used the tool before 6.0 U1b then you may encounter this issue.

Continue reading “vSphere 6.x SSL Trust Anchors”

Advertisements

Caution: VCHA user password

When VCHA is enabled, a new OS user “vcha” is created and used for the file based replication.

This morning I experienced an issue on one of my VCHA setups (but not the other) where replication was failing when I arrived into the office.

Update 23/01/2017 – This is a real issue and not a once off. VMware Engineering are aware.

Continue reading “Caution: VCHA user password”