PowerVCF - Connect SDDC Manager to the Microsoft Certificate Authority (Part 2)
This is the second of five blogs in the series that discusses the process of Certificate Management with VMware Cloud Foundation. The series looks at the end to end process that you follow to take a freshly installed VMware Cloud Foundation platform (Management Domain) and replace the components with signed certificates using a Microsoft Certificate Authority.
In this post we will look at the process of configuring SDDC Manager integration with the Microsoft Certificate Authority. SDDC Manager must be configured with the Microsoft Certificate Authority so that you can automate the process of generating and replacing signed certificates across the deployed components.
Connecting SDDC Manager to the Microsoft Certificate Authority using the User Interface
The following procedure demonstrates the process through the SDDC Manager User Interface.
Procedure
- Log in to SDDC Manager using a web browser.
- Open a Web browser and go to https://lax01mgr01.lax.rainpole.local.
- Log in using the [email protected] user account
- Navigate to Administration > Security > Certificate Management.
- Configure the Microsoft Certificate Authority.
- Click Edit.
- Configure the following values and click Save.
| Certificate Authority | Microsoft |
| CA Server URL | https://rpl-dc01.rainpole.local/certsrv |
| Username | administrator |
| Password | administrator_password |
| Template Name | VMware |
- In the CA Server Certificate Details dialog, click Accept.
Connect SDDC Manager to the Microsoft Certificate Authority using PowerVCF
The following procedure demonstrates the process through PowerVCF.
Assumption: You have already installed or imported PowerVCF on your system.
Procedure
Before performing any operations on SDDC Manager using PowerVCF you must enter the credentials, the PowerVCF cmdlet Connect-VCFManager takes these credentials and stores them as a base64 string which is then used for each subsequent cmdlet. Enter the following syntax.
Connect-VCFManager -fqdn lax01mgr01.lax.rainpole.local -username admin -password "VMw@re1!"
The configuration for the Microsoft Certificate Authority can be performed using the Set-VCFMicrosoftCA cmdlet. Enter the following syntax.
Set-VCFMicrosoftCA -serverUrl https://rpl-dc01.rainpole.local/certsrv -username Administrator -password VMw@re1! -templateName VMware
We can then verify the configuration using the Get-VCFCertificateAuthConfiguration cmdlet. Enter the following syntax.
Get-VCFCertificateAuthConfiguration
And there we have it, we’ve now configured the Microsoft Certificate Authority in SDDC Manager.
Useful Links
If you would like to learn more about VMware Cloud Foundation or PowerVCF, check out these links: