Android Nougat Comes to the Enterprise

Android Nougat Comes to the Enterprise


Android Nougat Comes to the Enterprise

This week, Google began to release Android Nougat (7.0), the latest update to the Android operating system (OS). With this release comes enhanced features to provide more security and end-user controls, so Android devices are optimized for both work and personal use. Here are some key highlights to this update: Strengthened Security for Data Protection […]


VMware Social Media Advocacy

Still Better Together: Juniper Networks QFX5100…

Still Better Together: Juniper Networks QFX5100 Switches Certified with VMware NSX

Still Better Together: Juniper Networks QFX5100…

It’s no secret that cloud computing is key to remaining competitive in today’s rapidly changing networking landscape. But, many organizations often overlook new network connectivity tools that are critical to capitalizing on all of the benefits offered by the cloud. That’s why I’m excited to share h…Read More


VMware Social Media Advocacy

Converged Monitoring for Converged Infrastructure

Converged Monitoring for Converged Infrastructure


Converged Monitoring for Converged Infrastructure

Converged infrastructures have broad appeal to IT administrators, offering a single management console, components optimized for performance, simplified scalability, and more. Something that’s not always easy about converged infrastructure is monitoring. Using individual solutions for each component in your infrastructure can be inefficient, especially if those solutions are developed The post Converged Monitoring for Converged Infrastructure appeared first on…Read More


VMware Social Media Advocacy

The Scoop: vRealize Automation 7.1

The Scoop: vRealize Automation 7.1 via virtualjad.com


The Scoop: vRealize Automation 7.1

vRealize Automation 7.1 in now G enerally A vailable for download. This release brings several features and enhancements, but primarily sticks to the themes of Time to Value , Quality and Stability . Another focus point for this release is to provide customers currently on vRA 6.x an upgrade path to all the benefits of the 7.x platform. vRealize Automation 7.1 Product Page: https://www.vmware.com/products/vrealize-automation Download:…Read More


VMware Social Media Advocacy

Log Insight 3.6: Enhanced Query API

Log Insight 3.6: Enhanced Query API via sflanders.net


Log Insight 3.6: Enhanced Query API

Log Insight introduced a query API in version 3.3. In 3.6, the API has been enhanced to bring more parity to the existing UI capabilities. Read on to learn more! With Log Insight 3.6, you now have the following options also available to you: GET calls support a “duration”response which returns the number of milliseconds […] The post Log Insight 3.6: Enhanced Query API appeared first on SFlanders.net by Steve Flanders.


VMware Social Media Advocacy

Renewing SSL certificates in vCloud Director 5.5

Every 2 year I’m facing the same problem – renew the SSL certificates in several platform, but especially in vCloud Director. And everytime I’ve to start from zero since I insist in recording only in memory the needed steps. This time I want to post the procedure in order to retrieve it next time, and in case someone else should need it.
I’ve been used largely the VMware KB 2014237

After receiving the certificate pack from the CA, we’ll have a couple of .crt files, domain and CA authority, and a .key one. vCloud Director doesn’t acept directly the .crt format so we’ve to convert it in .pfx. The first method indicated by the KB, passing through the web site to convert it failed (at least in my case), so I used the second one, openssl, directly inside the cell.

First step, I created a directory for this purpose, renamed the current certificates wherever they are

mkdir /root/cert
mv /opt/vmware/certificates.ks /opt/vmware/certificates.ks_old

And then imported via SSH the 3 files: 2 .crt and 1 .key. After this I proceeded with creation of the .pfx, according to KB:

openssl pkcs12 -export -out /root/cert/certificate.pfx -inkey /root/cert/wildcard.domain.com.key -in /root/cert/STAR_domain_com.crt -certfile /root/cert/COMODORSAOrganizationValidationSecureServerCA.crt

It will ask for a password. Remember it, you’ll need later, many times!
Now move to the Java directory and run the certificate import command:

cd /opt/vmware/vcloud-director/jre/bin
./keytool -trustcacerts -storetype JCEKS -importkeystore -srckeystore /root/cert/certificate.pfx -destkeystore /opt/vmware/certificates.ks -srcstoretype pkcs12 -storepass PASSWORD

It will ask for the password again.
After receiving successful imported message, you should list the available aliases, receiving a message like the following:

./keytool -keystore /opt/vmware/certificates.ks -storetype JCEKS -list
<insert password again>
1, Aug 22, 2016, PrivateKeyEntry, 
Certificate fingerprint (SHA1): 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00

Let’s write down the first number: this is the alias to be used in the next command, assigning it to HTTP:

./keytool -storetype JCEKS -changealias -alias 1 -destalias http -keystore /opt/vmware/certificates.ks

If we want to use the same certificate for the console too (and this is our case, since certificate is *.domain.com), we have to restart the process from the import command, replacing in the last one the word “http” with “consoleproxy”:

./keytool -trustcacerts -storetype JCEKS -importkeystore -srckeystore /root/cert/certificate.pfx -destkeystore /opt/vmware/certificates.ks -srcstoretype pkcs12 -storepass PASSWORD
./keytool -keystore /opt/vmware/certificates.ks -storetype JCEKS -list
./keytool -storetype JCEKS -changealias -alias 1 -destalias consoleproxy -keystore /opt/vmware/certificates.ks

You’ll be asked the password after every command. It’s a bit annoying but I didn’t find a different way.
To verify if the 2 aliases are correctly certified, run the list command, you should have a similar output:

./keytool -keystore /opt/vmware/certificates.ks -storetype JCEKS -list

Keystore type: JCEKS
Keystore provider: SunJCE

Your keystore contains 2 entries

consoleproxy, Aug 22, 2016, PrivateKeyEntry, 
Certificate fingerprint (SHA1): 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
http, Aug 22, 2016, PrivateKeyEntry, 
Certificate fingerprint (SHA1):00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00

Certificates are imported. Now we should stop the service and configure the cell to point to the right path for the new certificates, and then we’ll be asked to start.

service vmware-vcd stop
/opt/vmware/vcloud-director/bin/configure

If you have more than 1 cell, the procedure must be executed on all of them.

Configuring Auto Deploy Stateless Caching in…

Configuring Auto Deploy Stateless Caching in vSphere 6.0 – Blah, Cloud.


Configuring Auto Deploy Stateless Caching in…

Following on from my previous post on configuring custom ESXi images for PXE deployment, it piqued my interest again in Auto Deploy, now that I have a lab large enough (enough physical failure domains) to justify auto-deploy I figured i’d give it another go. I have chosen to implement stateless caching as it will allow …Read More


VMware Social Media Advocacy

Follow

Get every new post delivered to your Inbox.