Loading ...|
Jun
29
|
The communications to and from the VMware vCenter are encrypted via port 443 and as such use certificates to ensure their security.
There is the ability to add the keystore from a VMware vCenter during the initial install of vWorkspace 7.x – however it is not possible (at the moment 
) to go back and rerun this wizard if you decide to add vCenter after the initial installation.
So to do this after the fact we need to carry out these 6 actions:
- Download a copy of the certificate from the vCenter Server
- Place it in the correct vWorkspaceVMware-Certs folder
- Copy the KeyTool.exe from the Java Folder to the VMware-Certs folder
- Use the KeyTool.exe from the Java install to convert the *.cer to a vmware.keystore file
- Restart the Quest Connection Broker Service
- Try again to add the vCenter as a resource in the Management console
Download a copy of the certificate from the vCenter Server
Open a browser to the vCenter using the HTTPS heading, and after bypassing the warning , you should be able to click on the “Certificate Error” and call up the message box below.
Click on “View Certificates” and this will allow you to call up the actual certificate.
Click on the “Details” Tab and this will allow you to save a copy of the certificate to file
Save this to the “C:Program FilesQuest SoftwarevWorkspaceVMware-Certs” folder
Copy the KeyTool.exe from the Java Folder to the VMware-Certs folder
Copy the KeyTool.exe from the Java folder – “C:Program FilesJavajre1.5.0_11bin”:
(The folder name may vary depending on the Java versions installed)
Place it in the vWorkspaceVMware-Certs folder:
Use the Keytool.exe from Java to convert the *.cer to a vmware.keystore file
So now it’s best to open a CMD Prompt and navigate to the “C:Program FilesQuest SoftwarevWorkspaceVMware-Certs” Folder where we now want to run the following command:
keytool -import -file vcenter.quest.local.cer -alias vcenter.quest.local –keystore vmware.keystore
Now in the above example my test vCenter is called “vcenter.quest.local” so I have chosen to use that as the name for the resultant Cert (*.cer) as well as the Alias name – but you can use whatever name you want – so long as the last part stays as vmware.keystore and it is in the correct folder.
Restart the Quest Connection Broker Service
So now is also probably a good time to go and delete the vCenter you still have in the system?
Once you have cleaned it out then go ahead and restart the Quest Connection Broker service:
Try again to add the vCenter as a resource in the Management console
So now you should have no problems with adding the vCenter in to the vWorkspace Management Console as a valid VirtualCenter Server
June 29th, 2010 at 11:38 pm
[...] This post was mentioned on Twitter by Michel Roth and Gabe Knuth, David Caddick. David Caddick said: New blog post: http://tinyurl.com/2cuqq48 – Errors when trying to add vCenter to vWorkspace 7.x after the original install [...]