WilliamLam.com

Automating the import of vCenter Server 6.x root certificate

by // 14 Comments

In vSphere 6.0, you can now easily import your vCenter Server's trusted root CA certificate onto your client desktop by simply downloading it from the vCenter Server's landing page as shown in the screenshot below. Michael White had also recently wrote about this topic here which includes a step by step walk through.

automate-import-of-vcenter-server-root-certificate-3
Several weeks back I was working on an internal project which required the vCenter Server's root certificate. I was already aware of this interface and had written a quick and dirty script to automate the process of downloading and importing the certificate to the system I was working on. To be honest, I did not think much of the script after I wrote it. It was just recently that Alan Renouf, who was also involved in the project mentioned that it might be worth sharing the script as others might also find it useful. I thought that was a good idea and re-factored the code a bit since it was being used in a slightly different context. While doing so, I also created an equivalent PowerShell sample since the original script was meant to run on either a Mac OS X or Linux platform.

With that, I have created a simple shell script called import-vcrootcertificate.sh which can run on either Mac OS X or Linux system and a PowerShell script called Import-VCRootCertificate.ps1

Both scripts are pretty easy to use, they accept a single command-line argument which is the Hostname/IP Address of the vCenter Server that you wish to import the root certificate from. Both scripts ere able to detect if the vCenter Server is Windows or the VCSA since they have a slightly different URL to the root certificate before performing the import. Since the script will need access to your certificate store, you will need to run the scripts using a privileged account.

Here is a screenshot of running the PowerShell script:

automate-import-of-vcenter-server-root-certificate-0
Here is a screenshot of running the shell script:

automate-import-of-vcenter-server-root-certificate-2

Quick Tip - Minor changes on how to customize vSphere 6.0 Update 2 Web Client login UI

by // 6 Comments

For those of you interested in customizing the vSphere Web Client login UI in the latest vSphere 6.0 Update 2 release, you may have found that after following the instructions here, the result is an empty background image. The reason this happens is that as of vSphere 6.0 Update 2, new capabilities such as a Logon Banner and 2-Factor Authentication using Smart Card support have been added. All of these capabilities are UI driven and as one would expect, they have updated HTML/CSS pages which from vSphere 6.0 or vSphere 6.0 Update 1. If you simply took the existing sample templates in my Github repo and replaced it on your system, the vSphere Web Client would not be able render them properly.

customize-vsphere-web-client-login-ui-vsphere-60-update-2
The fix is actually quite simple, instead of just copying the sample templates I have, you need to make a copy of the existing vSphere 6.0 Update 2 files (login.css & unpentry.jsp) and make the relevant code changes. Given the number questions I have received on this topic, I figure I would just create a new Github repo that contains vSphere 6.0 Update 2 specific sample themes.

Disclaimer: This is not officially supported by VMware, if you decide to enable this, please use at your own risk and ensure you backup all original files in case you need revert back to the original configurations.

For the full instructions and sample themes for customizing the vSphere Web Client login UI for vSphere 6.0 Update 2, have a look at the new Github repo here https://github.com/lamw/customize-vsphere-web-client-6.0u2 and for vSphere 6.5, have a look at the repo here https://github.com/lamw/customize-vsphere-web-client-6.5 

Thank you for voting for virtuallyGhetto on TopvBlog2016!

by // Leave a Comment

The results for the Top 25 Virtualization Blog for 2016 run by Eric Siebert over at vsphere-land.com was just announced yesterday. You can find the results here or watch the full recording below. It was a very, very close race this year for the #1 spot but my fellow colleague Duncan Epping was still able to maintain his position as the #1 Virtualization Blogger voted by the community. I have to admit, It would have been really nice to finally de-throne the king after all these years 😉 but I am still very humbled and honored to have been in the running and maintaining my #2 position for the third year in a row. I am also very happy to announce that virtuallyGhetto was voted as the Top Scripting Blog for the 4th year in a row!

At the end of the day, I truly believe that our overall VMware/Virtualization community is made stronger through all the content that is created, the collaboration and engagement that each and every one of us brings. Lastly, I would like to take this moment and thank everyone who voted for virtuallyGhetto and thank you to all my readers who have engaged and supported me in this past year. I really do appreciate it. I Look forward to continue sharing with the community and we will try again next year 🙂