Using AD signed certificates with vCenter Server Appliance 6

Creating signed certs for vCenter has never been easy, with the new release of 6.0 though this has changed somewhat, there is a built in certificate manager that allows you to import a CA (say Microsoft AD) cert and key to have VMCA sign it’s own certs with and make them trusted. First thing, we need to set up an AD cert template for vSphere 6.0, that’s in my article here....

July 19, 2015 · Myles Gray

Creating a vSphere 6 certificate template in Active Directory

Signing certs for VMware has always been a pain in the ass, it’s gotten a lot better in v6 but there are a few caveats, what we’re going to do here is set up a certificate template in Active Directory from which we will sign our vCenter certificates. Load up your AD-CA box and run: certtmpl.msc Next right click on Web Server and click Duplicate Template: If you use an encryption level higher than sha1 choose Windows Server 2008 as the Certification Authority....

July 19, 2015 · Myles Gray

Utilising Kerberos/AD auth in Ubuntu 14.04 with realmd

It has, over the years always been quite a quandary to get SSO auth working from *nix -> MS AD without a huge amount of fiddling and tinkering, but there is a new auth framework in town by the name of realmd ↗. While tinkering with The Foreman ↗ recently it had dawned on me it would be cool to have it set up such that, after the VM had been automatically provisioned it would allow me to SSH into it using my AD credentials....

December 8, 2014 · Myles Gray