Keeping Up to Date and Reading VMware Documentation on Amazon Kindle

Since moving to Lincolnshire in August 2014 and whist still working on customer sites in London the majority of the time, I found myself doing
Read Article

vRealize Automation 6.1, SSO and the Identity Appliance

There seems to be some confusion as to whether or not the Identity Appliance that ships as part of vRealize Automation (previously known as vCloud
Read Article

New ESXi Whitebox Servers for Home Lab

I’ve been thinking about retiring my old home lab server hardware for some time now. I’ve had two little HP ProLiant ML110 G5 servers for
Read Article
×

Warning

JUser: :_load: Unable to load user with ID: 62

09 Jun 2010
Rate this item
(0 votes)

I am delighted to say that I have received confirmation that I had been awarded a VMware vExpert 2010 award. I am humbled and honored to be included in the program for a second year running. Thank you VMware!

 

According to the vEXPERT Landing Page  "The VMware vExpert Award is given to individuals who have significantly contributed to the community of VMware users over the past year. vExperts are book authors, bloggers, VMUG leaders, tool builders, and other IT professionals who share their knowledge and passion with others. These vExperts have gone above and beyond their day jobs to share their technical expertise and communicate the value of VMware and virtualization to their colleagues and community."

Read more...
07 Jun 2010
Rate this item
(0 votes)

Well, it seems like telecoms has become yet another obstacle again for www.virtualvcp.com. Today I've had to make a call to BT (the main UK landline provider) as my ADSL line picked up a fault over the weekend. For this reason, I regret to say that www.virtualvcp.com might be unavailable at times as the ADSL connection might drop off every now and then. BT is due to fix the issue tomorrow.

I am glad to report that BT Openreach has fixed the problem with the ADSL line that supports virtualvcp.com. The site is back online now!

Read more...
Written by 0 comment
06 Jun 2010
Rate this item
(0 votes)

This article forms part of the Replacing vSphere SSL Certificates series.

Before you continue with the following procedure, ensure that you have completed Step 1: Prepare OpenSSL and Microsoft CS

We will be using OpenSSL to generate a new RSA key. We will then use this key to generate a new SSL Certificate Request that we can submit to the Microsoft Certificate Authority that we have created in Step 1.

 On the SSL Server that we have prepared in Step 1, Open a new command prompt window and change directory to the “C:\OpenSSL-Win32\bin” directory.

Read more...
Written by 0 comment
Published in VMware vSphere
01 Jun 2010
Rate this item
(0 votes)

This article forms part of the Replacing vSphere SSL Certificates series.

In order to request and self sign new SSL certificates for VMware vCenter Server 4.x and VMware Update Manager we will need to get a certificate authority up and running. For this lab, we will use a Microsoft Windows 2003 Server running Microsoft Certificate Services as our Certificate Authority. Although we will be using Microsoft Certificate Services to sign the new SSL Certificates, OpenSSL will be used to generate the SSL Certificate Requests that will be submitted to the Microsoft Certificate Authority.

To build the SSL CA Server we will need to have the following software components:

  • A Windows 2003 Server
  • Microsoft Internet Information Services (IIS) enabled
  • Microsoft Certificate Services Installed
  • Visual C++ Redistibutable (Download this from here )
  • Win32 OpenSSL V1.0.0 Lite (Download this from here) 

For this example I have prepared a Windows 2003 Server called LABSSL01 and I've also added the server to the LABS.UK.VIRTUALVCP.COM domain. So, the FQDN of our SSL Certificate Authority server for this example will be: labssl01.labs.uk.virtualvcp.com.

Preparing the server for Microsoft Certificate Services

The first thing that we will need to get in place is IIS. We will use IIS to access the Microsoft Certificate Services Web Portal. The web portal will be handy to:

  • Submit new SSL Certificate Requests to the Microsoft CA
  • Download the signed SSL Certificates
  • Download the CA Root Certificate to client machines

We will be installing the IIS and Certificate Services components at the same time.

Using Add or Remove Programs from the Windows Control Panel, Click the Add/Remove Windows Components Button:

addremove_win_comp_button

Select "Application Server" and click "Details". Then select the following components under "Application Server"

  • Application Server Console
  • Enable network COM+ access
  • Internet Information Services

 iis_comp_selection

Once the components have been selected, Click OK.

With the IIS components now selected, we can go ahead and select the Certificate Services components as well.

Select "Certificate Services", then click "Details"

CA-Details_Button

The Certificate Services components dialog opens. Select the following components before clicking "OK":

  • Certificate Services CA
  • Certificate Services Web Enrollment Support

CA_Component_selection

When Certificate Services CA is selected, the following message will appear. Click "Yes" to continue

CA_Domain_Warning

Now that both IIS and Certificate Services components have been selected, click "Next".

CA-IIS-ClickNext

As we are installing a new Certificate Authority, we need to provide some information for the new Certificate Authority.

For the CA type, select "Stand-alone root CA" and click "Next" 

CA-Type

Now it's time to supply information that will identify the new Certificate Authority. The information provided here will also be included in each SSL certificate that the new CA will sign in the future.

At least the "Common Name for this CA" field should be completed as well as the "Validity period" field.

CA-ID-Info

At the Certificate Database Settings dialog, keep the default settings and click "Next"

CA-DB-Settings

A message will appear stating that in order to complete the installation, Internet Information Services must be restarted. Click "Yes" to acknowledge this message.

CA-IIS-restart

You may also be presented with a message requesting that ASP be enabled. Click "Yes" to enable ASP now.

CA-Enable-ASP

During the installation, you may be prompted for the Windows 2003 Installation CD. Please make sure that you have this handy in order to complete the installation of IIS and Certificate Services.

When the above steps have been completed, your server will be an ASP Web Server as well as a Certificate Authority capable of signing new SSL Certificates. However we will still need to install OpenSSL for Windows. OpenSSL is used to generate new SSL Certificate requests that will be submitted to the new Microsoft Certificate Authority. In this example, our Certificate Authority is called "VirtualVCP SelfSign Certificate Authority"

 

 In order for your client machines to verify the authenticity of any certificates signed by your new CA, you will have to download and install the CA root certificate on each client machine. The new CA root certificate can be downloaded from http://<your-ca-server>/certserv


Installing Win32 OpenSSL V1.0.0 Lite

NOTE: Before installing Win32 OpenSSL V1.0.0 Lite, please download and install Visual C++ Redistibutable from the Microsoft Website.

Download Win32 OpenSSL V1.0.0 Lite from here

Run the Win32 OpenSSL Light installer. At the Welcome dialog, click “Next”

openssl_01_welcome

Select “I accept the agreement” and click “Next”

openssl_02_eula

Keep the default Destination Location as “C:\OpenSSL-Win32” and click “Next”

openssl_03_install_dest

Select "The OpenSSL binaries (/bin) directory" and click "Next"

openssl_05_libdir

Click "Finish" to complete the installation

openssl_06_finish

This then completes the SSL Server preparation. However, as we will be issuing new SSL certificates using the SSL Certificate Authority installed on this server, we will have to import the CA's root certificate into the Trusted Root Certification Authorities store of each of the client computers that will be using the vSphere client to connect to vCenter and VUM.


Continue to the next step: Generate a new SSL Certificate Request

Read more...
28 May 2010
Rate this item
(0 votes)

The following patches have been released by VMware on 27 May 2010 for VMware ESX 4 and ESXi 4. Out of the 14 patches released, 1 is rated critical:

 

ID: ESX400-201005401-SG  Impact: HostSecurity  Release date: 2010-05-27  Products: esx 4.0.0 Updates vmkernel64, scripts, tools etc

ID: ESX400-201005402-SG  Impact: HostSecurity  Release date: 2010-05-27  Products: esx 4.0.0 Updates VMware-webCenter-esx

ID: ESX400-201005403-SG  Impact: HostSecurity  Release date: 2010-05-27  Products: esx 4.0.0 Updates Expat

ID: ESX400-201005404-SG  Impact: HostSecurity  Release date: 2010-05-27  Products: esx 4.0.0 Updates NTP

ID: ESX400-201005405-SG  Impact: HostSecurity  Release date: 2010-05-27  Products: esx 4.0.0 Updates gzip

ID: ESX400-201005406-SG  Impact: HostSecurity  Release date: 2010-05-27  Products: esx 4.0.0 Updates krb5 and pam_krb5

ID: ESX400-201005407-SG  Impact: HostSecurity  Release date: 2010-05-27  Products: esx 4.0.0 Updates gcc packages

ID: ESX400-201005408-SG  Impact: HostSecurity  Release date: 2010-05-27  Products: esx 4.0.0 Updates bind-libs and bind-utils

ID: ESX400-201005409-SG  Impact: HostSecurity  Release date: 2010-05-27  Products: esx 4.0.0 Updates sudo

ID: ESXi400-201005401-SG  Impact: HostSecurity  Release date: 2010-05-27  Products: embeddedEsx 4.0.0 Updates Firmware

ID: ESXi400-201005402-BG  Impact: Critical  Release date: 2010-05-27  Products: embeddedEsx 4.0.0 Updates VMware Tools

ID: VEM400-201005001-BG  Impact: HostGeneral  Release date: 2010-05-27  Products: embeddedEsx 4.0.0, esx 4.0.0 Cisco Nexus 1000V VEM

ID: VEM400-201005011-BG  Impact: HostGeneral  Release date: 2010-05-27  Products: embeddedEsx 4.0.0, esx 4.0.0 Cisco Nexus 1000V VEM

ID: VEM400-201005021-BG  Impact: HostGeneral  Release date: 2010-05-27  Products: embeddedEsx 4.0.0, esx 4.0.0 Cisco Nexus 1000V VEM

Read more...
12 May 2010
Rate this item
(0 votes)

Image Source: PHD Virtual

PHD Virtual continues to extend our product family to meet the expanding needs of the virtualization community. On May 6th, we announced PHD Virtual Backup for Citrix XenServer.  We are also happy to tell you that as of September, 2010 we will also offer support for VMware ESXI.

Learn more about how we  can support your current VMware backup and recovery as well as your future requirements by contacting a PHD Representative today at 1.866.710.1882!

As we continue to build on robust legacy of the award-winning esXpress 4.0, PHD Virtual’s products meet enterprise requirements for flexibility and scalability by using the virtual appliance itself to perform backups, in less time, more reliably, and at a lower cost. We are the only enterprise data protection solutions that operate independent of the hypervisor offering greater stability and more security.

PHD Virtual also provides a collaborative path to integrate with all major physical backup solutions (including products from Data Domain, Quantum, Symantec, EMC, HP, IBM, etc.) for end-to-end data protection throughout the enterprise.  Today, thousands of customers worldwide trust their mission critical data to PHD Virtual’s solutions.

Learn more about our currents products, as well as our new offering for Citrix by attending a webinar on May 19 at 2 pm EST

Read more...
Rynardt Spies
@vcdxnz001 I wish I could in this case.
Rynardt Spies
Drawing Visio diagrams for High Level Design = Time consuming.
Rynardt Spies
Either the RAF or US Air force is in full swing again today above my house. Constant noise of F15s. Joys of living near training airspace.
Rynardt Spies
RT @fudgecrumpet: There are two types of parents. Those that have never seen Frozen. Those that have seen Frozen eight million times and no…
Follow Rynardt Spies on Twitter