vSphere 6.x SSL Trust Anchors

In vSphere 6.x all services and components have Service Registration details recorded in the VMware Directory Service of the Platform Services Controller.

Each Service Registration can contain one or more Endpoint entries.

Each Endpoint may contain an SSL Trust value.

The SSL Trust value must always match the current Machine SSL certificate of the PSC or VC or Embedded node it refers to.

If you use the Certificate-Manager from 6.0 U1b or later – the tool will take care of updating these entries. If you replace the Machine SSL manually or have used the tool before 6.0 U1b then you may encounter this issue.

Continue reading “vSphere 6.x SSL Trust Anchors”


Automating vCenter Server 5.5 repoint to a new SSO 5.5

As you might have already read my previous post on  Migrating from Embedded SSO to External PSC you probably know how tedious the vCenter Server 5.5 re-pointing process can be.

I’ve taken VMware’s KB2033620 a wrapped it all up in Windows Batch Script to largely automate the process.

Continue reading “Automating vCenter Server 5.5 repoint to a new SSO 5.5”