Ellin.com
Not Very Interesting
Generating a cert for vcenter7
Generating a cert for vcenter7
  1. Gnerate CSR

    https://vcenter7.ellin.net/ui/app/admin/certificates

  2. Sign the CSR

    openssl x509 -req -in vcenter7.ellin.net.csr -CA rootCA.pem -CAkey rootCA-key.pem -CAcreateserial -out vcenter.crt -sha256 -extfile v3.ext -days 365

    Set the desired number of days.

  3. put the following in v3.ext

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
    authorityKeyIdentifier=keyid,issuer
    basicConstraints=CA:FALSE
    keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment
    subjectAltName = @alt_names

    [alt_names]
    DNS.1 = vcenter7.ellin.net
    DNS.2 = vcenter7
    DNS.3 = 192.168.1.72


Last modified on 2021-01-14

comments powered by Disqus