This post is also available in: Italian

Reading Time: 2 minutes

If you install PernixData FVP, you will notice some certificates warning prompt when you access to the management interface.

The prompt appears because by default there is a certificated delivered with the computer name fvp.pernixdata.com and of course does not match your management server FQDN. Both the computer name and the root are not trusted and to fix the warning you need to create a self signed certificate and import it on your client, or request one from a trusted CA.

Also if you generate a self-signed certificate it’s east to import it: user is prompted to accept SSL certificate for FVP when logging into vSphere client.

To build a new self-signed certificate there is a PernixData KB Article (login is needed) that explain all the required steps.

First you need OpenSSL toolkit (the easy way is use an existing Linux box) in order to manage the certificate request and sign.

To build you certificate request:

openssl req -nodes -new -x509 -keyout rui.key -out rui.crt -days 3650 ( -config openssl.cnf )

The openssl.cnf could be pre-build with all your required data (the KB has an example), but the most important aspect is be sure that the CommonName match your FVP Manager FQDN. Also note that the certificate will be valid for about 10 years.

Now you can simple export it in the right format:

openssl pkcs8 -topk8 -inform PEM -outform DER -in rui.key -out new-key -nocrypt

Now copy (or rename) the rui.crt certificate file:

copy rui.crt new-cert

And copy the new-cert and new-key files to your FVP management server con folder, in the example below the Management server is installed:

C:\Program Files\PernixData\FVP Management Server\Server\conf\

Restart the PernixData FVP management Server service. Either use the services manager to do so, or the following command line:

net stop prnxserv && net start prnxserv

Remember to import the certificate in your “Trusted Root Certification Authorities” on your client (this has to happen on each computer you want to use the FVP management client) in order to avoid the CA warning.

Share

Related Posts

  • How fix the VMware vSphere 6.0 CBT issue

    As you probably know VMware vSphere 6.0 had a critical issue con its Change Block Tracking (CBT) implementation that can impact all incremental backup with "VMware native" backup program (all agent-less implementation using the VMware VDAP API). This issue occurs due to an issue with…

  • Issue in Workstation 8 Upgrade

    During the upgrade to Workstation 8.0.2 (on 64 bit Windows 7 OS) I've got a curios issue that I want to share. Basically for some strange reason the previous version was not removed correctly and the new one was not able to install itself because…

  • PernixData Architect Software is in GA

    PernixData Architect™ is a new software platform for holistic data center design, deployment, operations and optimization. It combines a best-in-class user experience with robust real-time analytics and design recommendations to deliver unprecedented visibility and control of virtualized applications and the underlying storage infrastructure. After PernixData…

Virtualization, Cloud and Storage Architect. Tech Field delegate. VMUG IT Co-Founder and board member. VMware VMTN Moderator and vExpert 2010-24. Dell TechCenter Rockstar 2014-15. Microsoft MVP 2014-16. Veeam Vanguard 2015-23. Nutanix NTC 2014-20. Several certifications including: VCDX-DCV, VCP-DCV/DT/Cloud, VCAP-DCA/DCD/CIA/CID/DTA/DTD, MCSA, MCSE, MCITP, CCA, NPP.