{"id":107,"date":"2008-01-17T08:44:00","date_gmt":"2008-01-17T15:44:00","guid":{"rendered":"http:\/\/www.jasemccarty.com\/blog\/2008\/01\/go-daddy-wildcard-certificate-with-vi3.html"},"modified":"2008-01-17T08:44:00","modified_gmt":"2008-01-17T15:44:00","slug":"go-daddy-wildcard-certificate-with-vi3","status":"publish","type":"post","link":"https:\/\/www.jasemccarty.com\/blog\/go-daddy-wildcard-certificate-with-vi3\/","title":{"rendered":"Go Daddy Wildcard Certificate with VI3"},"content":{"rendered":"

Well, I’ve confirmed on my test system, that a Go Daddy wildcard certificate will work on a VI3 (VirtualCenter 2.5 & ESX 3.5) system.<\/span><\/p>\n

Let’s say you already have a wildcard certificate in place on an IIS web server, and you’d like to use it in your VI3 environment.<\/p>\n

First you’ll need to export the cert from your IIS box, using the Certificates snap in.
\"\"<\/a>
Right click, then All Tasks, then Export, and Next on the first screen<\/p>\n

\"\"<\/a>
Select “Yes, export the private key<\/span><\/p>\n

\"\"<\/a>
“Personal Information Exchange – PKCS #12 (.PFX)” should be selected
And “Include all certificates in the certification path if possible” should be checked.<\/p>\n

\"\"<\/a>
Enter your password here<\/span><\/p>\n

\"\"<\/a>
Enter a filename for the exported cert. I called it wildcard.pfx<\/p>\n

\"\"<\/a>
Click finish.<\/p>\n

Now you’ll need to use OpenSSL<\/a> to convert the file you just generated.<\/p>\n

I ran the openssl.exe from the path on my test system (C:opensslbin)<\/p>\n

\"\"<\/a>
C:opensslbinopenssl.exe pkcs12 -in wildcard.pfx -out wildcard.txt -nodes. You will be asked for the password you entered when you were exporting the pfx.<\/p>\n

Now open the wildcard.txt with Wordpad (notepad won’t work). I use <\/span>Win32Pad<\/a> instead.<\/span><\/p>\n

Grab the portion with the following:
—–BEGIN RSA PRIVATE KEY—–
(Block of Random Text)
—–END RSA PRIVATE KEY—–
And save this (notepad is fine for this) as rui.key<\/span><\/p>\n

Grab the portion with the following:<\/span>
—–BEGIN CERTIFICATE—–<\/span>
(Block of Random Text)
<\/span>—–END CERTIFICATE—–<\/span><\/p>\n

And save this (notepad is fine for this) as rui.crt<\/p>\n

Make sure you make a backup of the existing keys, in the case that something goes wrong with this process. They are located in the <\/span>c:Documents and SettingsAll UsersApplication DataVMwareVMware VirtualCenterSSL<\/span> folder.<\/span>

Now, rename the wildcard.pfx to rui.pfx. Copy rui.pfx, rui.crt, and rui.key files, to the above folder.<\/span><\/p>\n

You’ll then need to reinitialize the vpxd password. Run “vpxd.exe -p” again from a Dos box in the following folder:<\/span>
c:Program FilesVMwareInfrastructureVirtualCenter Server<\/span><\/p>\n

Then restart your VirtualCenter service.<\/span><\/p>\n

You should then be able to log into your VirtualCenter server using a wildcard certificate.<\/span><\/p>\n

Additionally, you can upload the rui.crt and rui.key files to your ESX host (using <\/span>WinSCP<\/a>) to the <\/span>\/etc\/vmware\/ssl\/<\/span> path. Make sure you back these up too.<\/span><\/p>\n

I then restarted my ESX 3.5 system, and it started to use the wildcard certificate as well.<\/p>\n

<\/span>\"\"<\/a>
As always, If you wish to use this method that I have seen success with, feel free to.
By using the methods I have described, you agree that I will not be held liable for any issues in your environment.<\/span><\/span><\/p>\n

Enjoy.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"

Well, I’ve confirmed on my test system, that a Go Daddy wildcard certificate will work on a VI3 (VirtualCenter 2.5 & ESX 3.5) system. Let’s … <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[12],"tags":[],"class_list":["post-107","post","type-post","status-publish","format-standard","hentry","category-virtualization"],"_links":{"self":[{"href":"https:\/\/www.jasemccarty.com\/blog\/wp-json\/wp\/v2\/posts\/107","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.jasemccarty.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.jasemccarty.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.jasemccarty.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.jasemccarty.com\/blog\/wp-json\/wp\/v2\/comments?post=107"}],"version-history":[{"count":0,"href":"https:\/\/www.jasemccarty.com\/blog\/wp-json\/wp\/v2\/posts\/107\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.jasemccarty.com\/blog\/wp-json\/wp\/v2\/media?parent=107"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.jasemccarty.com\/blog\/wp-json\/wp\/v2\/categories?post=107"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.jasemccarty.com\/blog\/wp-json\/wp\/v2\/tags?post=107"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}