wyeack
February 22, 2024, 5:39pm
1
I am trying to programmatically set the SSL of my vCenter using a cert generated by Certify the Web. I am using this post as a starting point:
I’m trying to automate the process of creating and renewing TLS certificates for my VMware vCenter servers using Certify the web and PowerShell. I want to use PowerShell to push the certificates to the vCenter servers after they are created or renewed by Certify the web. Does anyone have any experience or tips on how to do this? Here is what I have so far:
param($result) # Required to access the $result parameter
#Loads all Module(s)
Try { Import-Module -Name VMware.PowerCLI -ErrorAction Stop …
When I upload the certs via the UI, things work as expected, e.g. here:
https:///ui/app/admin/certificatesV2
However, when I try to use PowerShell like above to do the same thing, I get the following error:
I have tried everything I can think of - removing characters, combining certs, etc. but I can’t figure out why it’s not working. Any ideas?
The example you are using by @tdmarchetta requires the files to be exported in PEM format first, so you’d need to add the Deploy to Generic Service task first (you can drag and drop to arrange task order), then you would update your script to use those files.
I presume that’s what you’re already doing though?
The “invalid private key” message sounds a little like the wrong file is being referenced in the script. Your exported private key would normally look something like:
For an RSA type key:
-----BEGIN RSA PRIVATE KEY-----
MIIEogIBAAKCAQEAvr1Fd6NczJf/5S50MdfKB0trIya/DlB13VMt3DDI9UaSbBqE
+SH1wdccSyhCxwkS/YKLydsy0lFVYXjk4cF/0B+mJSafjSnRdOZfrcLXsSKqyx65
YRhNtBjHzm3ILSrWfF36QAGeZ0Tl0uUSKljrh1MJTIqG1xWiYijHfNf11cITPh03
CJ9w/FZlMXN+WQWkn1U7QRQF+/vFlJ86EILPYTbmbQQAnoASGpzeFNDAJPm2kIjj
PGXZw75X+frcPuTZaHIO6Wa/NKp5ezN1+Bs4nTUV5SDA2Yi2e3XvAPGMZ9QDWqms
8+YcdNwId1+qK16BToN/ElcV8l0wi2bljvz/8wIDAQABAoIBAFgsF4pMJtBfLYhs
toL5/Wbs2rx3o1dDI5Ep6+e/V45mzrYRdknShJBUV7x4gpIOpEwzhlpMLYyi04TJ
BYlE0UhM8Rl4ZsYzQCO5gR5KlTnJzEk0TT7QpM7tq6PGBQS4Kkl4if//n5GefF1G
zmRsEYjPflt3KAkSc6vLrRgNnxNuI1dyOc/smpDZii6OZC1ni26XZD+Ao1JiJ49p
cgEdciTDQyZ2lDbQ7Tk0FKFqVI4QdNwBDGKvifwYoHvP1LnAetN8o8pPx5jja5XA
q8i4zvKv1igfjCWDPp4CKVbDDLpB7FJMK39l2nAKJQSOiKxmVmYb3KmPdYUeenpS
vRIqMjkCgYEA+rn6PgvJxZifziEKLc3Ih2RcfzELZOh5mU9YAukytBR/Ud87lfZN
b4uUrQxH8yINetlWq6Nuh1SIZwlqz76LGrVKLc7a5+eHC0pAkDB8DX7N/CbAfZUY
2OHFuydq+hlymIymG2RGoiU8Nmp0c7IKlPSYvsH3/IzcLsOWwa8DOOkCgYEAwsBL
6UGqZ7I2uiXqkLyfmw9E6eNvXwjF2JWhULovPN/XtD5496BvaGQv+vCnnDIyX7wH
yB4bRG1fMrc+NZSxRCPN6bkkMErI7y9LbuVu1AT3LRPsURDasNEghcYpx/L0En6/
cylFuwxTttXQtQTbFH+Eim67TlcGUsfXPkuCaHsCgYBG69h3OIpolFWPzxS8BBuX
ALKRX+QjNQdAcIsqt6AaBDpHhGescbFRvh/eGz027wj1GQlFH8OiEC1NSAKopPNg
oxbLAoGAMQjhaiCXyuGxVGVJmoGYYd3zCMn3a+8tG2WcsglkNts4iB3WuYh25ma+
gjC1kemlJx0vY8lT8dBdp5kWY5Rl17C8sxEwryEsr4Ep6WP1XPf07haJtj4qRhFn
RRTkCOURS4STFyudbqXOj0cujtQX+hmI1ofViPFMPItXZbvj+KU=
-----END RSA PRIVATE KEY-----
For an EC type key:
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIPXwsorl9KGaY+dETyUCUmSkWwmFKQI76DSED2nB+l6aoAoGCCqGSM49
AwEHoUQDQgAExGw/NCe56HtwU9ojOzmJnNTuxjaYmO14yQTJvOSqfZwmHqVnHRps
KGmhIRorueQrywZoR7Hu8DirD0NH6OCVvA==
-----END EC PRIVATE KEY-----