SAN CERTIFICATE

Using the API to add a new certificate to a vRLI cluster

March 13, 2020 Kim Bottu 0

When you have to replace certificates on multiple vRLI clusters, using the API might be a better way to change them on all your cluster nodes. Prerequisites You will need to prepare a certificate with a subject alternative name (SAN) for each of the cluster members and the Internal Load Balancer (ILB).You can use this article as a guide. How to Take note that I do not know if this is officially supported, but in my tests it works. Use a REST API client and connect to the ILB IP and request a session token. Make sure to add the credentials to the body of your request. When you post the command, a session token will be generated. You need […]

Generating SAN security certificate for NSX-T and PKS on Windows

July 22, 2019 Kim Bottu 0

A friend of mine had some problems generating certificates for NSX-T to be used with PKS. When he tried using the commands, from his mac, as instructed by https://docs.vmware.com/en/VMware-Enterprise-PKS/1.2/vmware-enterprise-pks-12/GUID-generate-nsx-ca-cert.html , he would have error all over the place. For your information, afterwards we found out that the copy of the code generated some characters that the CLI didn’t like. Generating SAN certificates on Windows for NSX-T and PKS So I decided to generate the certificates in a different way, using the Windows version of OpenSSL. Obviously the code inthe VMware article will not really work, since that was created for linux type of platforms. Here is what we used to generate the certificate on Windows: Windows certificate creation A certificate […]