Category: SSL

vSphere 7 – Certificates with VMCA as Subordinate

vSphere 7 – Certificates with VMCA as Subordinate

Over the years I've written a number of blog posts about replacing the SSL certificates for vSphere. Back in the day it was exceedingly difficult and was very error prone (think 5.x and 6.x). However, VMware has made great strides with vSphere 7 in how you manage certificates. Yippee!For enterprises...

Windows Server 2019 Two-Tier PKI CA Pt. 3

Windows Server 2019 Two-Tier PKI CA Pt. 3

Now that we have our offline Windows Server 2019 certificate authority configured in Part 1, and our online subordinate setup in Part 2, now we should setup auto-enrollment and secure the subordinate’s web certificate services with SSL.Auto-enrollment is where domain joined Windows computers are automatically issued a computer certificate. Services...

Windows Server 2019 Two-Tier PKI CA Pt. 2

Windows Server 2019 Two-Tier PKI CA Pt. 2

Now that our root Windows Server 2019 certificate authority is installed and published to Active Directory from Part 1, it is time to bring online our subordinate CA. The subordinate CA will be our online issuing CA, since it will be the CA which issues all certificates, be they for...

Windows Server 2019 Two-Tier PKI CA Pt. 1

Windows Server 2019 Two-Tier PKI CA Pt. 1

Its been quite some time since I wrote up how to setup a Microsoft Windows two-tier certificate authority (CA). While Windows Server 2019 is not new, I did want to write up how to set a two-tier certificate authority (CA). I'm building out a new home lab, and thought this...

vSphere 5.5 Toolkit Updated

This weekend I did a minor update to my VMware vSphere 5.5 SSL Toolkit script. It's now at v1.59. I updated the OpenSSL download to use 0.9.8.zb, and also added a primitive PowerShell 3.0 check. PowerShell 3.0 and higher has always been required, but now I try and check for...

VSS Labs vCert Manager Part 2

This is part 2 of the VSS Labs vCert Manager installation and configuration series. In Part 1 we got vCert Manager installed, and secured with a trusted SSL certificate. In this section we will get into the nuts and bolts configuration and start replacing certificates. vCert Manager Configuration 1. First...

VSS Labs vCert Manager Part 1

Last August I wrote a blog post about this great new VMware SSL tool by VSS Labs called vCert Manager, which replaces many of your VMware SSL certificates all from the comfort of a nice GUI. It's a full certificate lifecycle management tool for VMware vSphere and related components. For...

vCenter 5.5 Update 1b Now Out

Earlier this year the Heartbleed OpenSSL vulnerability came to light, and many products from many different vendors were affected. Heartbleed is a very serious vulnerability, and you should conduct a thorough audit to validate all of your software and hardware components are not affected. My bet is that many of...

vSphere 5.5 Toolkit v1.55 Released

vSphere 5.5 Toolkit v1.57 Released

Now that vSphere 5.5 has been out for a few months, if you haven't already started working with it in your test environment, you should! A lot of great new features, and major improvements to the SSO experience. However, you still may find it a bit challenging to secure vCenter...

Page 1 of 2 1 2