I’m trying to automate the process of creating and renewing TLS certificates for my VMware vCenter servers using Certify The Web and PowerShell. I want to use PowerShell to push the certificates to the vCenter servers after they are created or renewed by Certify The Web. Does anyone have any experience or tips on how to do this? Here is what I have so far:

```powershell
param($result) # Required to access the $result parameter

# Load the required module(s)
Try { Import-Module -Name VMware.PowerCLI -ErrorAction Stop }
Catch { Write-Host "Unable to load VMware.PowerCLI module, Please, run 'Install-Module -Name VMware.PowerCLI -AllowClobber -Force'" -ForegroundColor Red; Exit }

if ($result.IsSuccess) {
    # Edit Variables Below
    $FQDM = "vcenter.vmware.com" # E.G. vcenter.vmware.com
    $vCenterUsername = "username"
    $vCenterPassword = "Your_Password"

    # Do Not Edit Below This Point

    # Connect to the VMware vCenter server
    $vCenterConnection = Connect-VIServer -Server $FQDM -User $vCenterUsername -Password $vCenterPassword

    # Output the connection details
    $vCenterConnection

    # Read the new certificate chain and private key
    $certificatePem = Get-Content -Path "C:\CTW\FullChain\$($FQDM)\$($FQDM).pem" -Raw
    $certificatePrivKeyPem = Get-Content -Path "C:\CTW\FullChain\$($FQDM)\$($FQDM).privkey.pem" -Raw

    # You will need to manually push up the CA cert(s)

    # Update the vCenter machine certificate
    Try { Set-VIMachineCertificate -PemCertificate $certificatePem -PemKey $certificatePrivKeyPem -ErrorAction Stop }
    Catch { Write-Host "Failed to update vCenter certificate. Error: $_" -ForegroundColor Red }

    # Clean up expired trusted TLS certificates
    Get-VITrustedCertificate | Where-Object { $_.NotValidAfter -lt (Get-Date) } | Remove-VITrustedCertificate

    # Disconnect from vCenter
    Disconnect-VIServer -Server $FQDM -Confirm:$false
}
```
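
A hardened variant of the push step, as an added example that is not part of the original post: it loads the vCenter login from a DPAPI-protected credential file instead of a plaintext password in the script, and refuses to push a certificate that is expired or does not list the host name. The function names, `vcenter.example.com`, and the `C:\CTW\vcenter-cred.xml` path are assumptions, as is the leaf certificate being the first block in the full-chain PEM.

```powershell
# Added example; function names, host name and credential path are assumptions.
function Get-LeafCertificate {
    param([Parameter(Mandatory)][string]$PemText)
    # Assumes the leaf is the first CERTIFICATE block in the full-chain PEM.
    if ($PemText -notmatch '(?s)-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----') {
        throw 'No CERTIFICATE block found in PEM text.'
    }
    $der = [Convert]::FromBase64String(($Matches[1] -replace '\s', ''))
    return [System.Security.Cryptography.X509Certificates.X509Certificate2]::new($der)
}

function Test-CertificateForHost {
    param(
        [Parameter(Mandatory)][System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate,
        [Parameter(Mandatory)][string]$Fqdn,
        [int]$MinDaysValid = 7
    )
    $now = Get-Date
    # Reject certificates that are not yet valid or expire within $MinDaysValid days.
    if ($Certificate.NotBefore -gt $now -or $Certificate.NotAfter -lt $now.AddDays($MinDaysValid)) { return $false }
    # Require an exact (non-wildcard) match in the Subject Alternative Name extension.
    $san = $Certificate.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.17' }
    if (-not $san) { return $false }
    $pattern = '(?<![\w.*-])' + [regex]::Escape($Fqdn) + '(?![\w.-])'
    return ($san.Format($false) -match $pattern)
}

$Fqdn     = 'vcenter.example.com'      # placeholder host name
$CertDir  = "C:\CTW\FullChain\$Fqdn"   # export layout used in the post
$CredPath = 'C:\CTW\vcenter-cred.xml'  # hypothetical file written once with Export-Clixml

$pem  = Get-Content -Path "$CertDir\$Fqdn.pem" -Raw
$key  = Get-Content -Path "$CertDir\$Fqdn.privkey.pem" -Raw
$leaf = Get-LeafCertificate -PemText $pem
if (-not (Test-CertificateForHost -Certificate $leaf -Fqdn $Fqdn)) {
    throw "Certificate $($leaf.Thumbprint) is not valid for $Fqdn; nothing pushed."
}

# PSCredential encrypted with DPAPI; only the account that created it can read it.
$cred = Import-Clixml -Path $CredPath
Connect-VIServer -Server $Fqdn -Credential $cred -ErrorAction Stop | Out-Null
try {
    Set-VIMachineCertificate -PemCertificate $pem -PemKey $key -ErrorAction Stop
}
finally {
    # Always close the session, even when the certificate update fails.
    Disconnect-VIServer -Server $Fqdn -Confirm:$false
}
```

The credential file has to be created once with `Get-Credential | Export-Clixml -Path C:\CTW\vcenter-cred.xml` under the same Windows account and on the same machine that runs the deployment script, because DPAPI ties the encrypted password to that user profile.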