Archive for the ‘Security’ Category

Installing Corporate CA Certificates on iPhone or iPad for Use with VMware View

January 3, 2013 1 comment

I was upgrading my VMware View environment recently from 5.0 to 5.1 and wrote about some initial problems in my article Trouble Recomposing View 5.x Desktops After Upgrade to vSphere 5.0 U2. After I had resolved those initial problems I needed to load my internal Root CA certificate onto all my company’s iPhone’s and iPad’s. This is because one of the big changes or improvements in View 5.1 is with security and you now need trusted certificates in order to connect to any of the desktops. Fortunately there is no need to purchase expensive public certificates if you have an internal corporate PKI / CA’s already configured, unless you want to. This article will show you how you can easily get your iPhones or iPad’s to trust your corporate CA certificates for use with VMware View.

Read more…

VMware SRM SSL Certificate Problems After Applying Microsoft Security Patch

November 18, 2012 3 comments

Microsoft recently issued a security advisory and a patch that blocks any certificates with a key length less than 1024 bits. This has impacted a wide variety of systems including VMware Site Recovery Manager 5.0 and below. This article will provide you a way to quickly regenerate the self-signed SRM certificates.

Read more…

Updating CA SSL Certificates in vSphere 5.1 vCenter Virtual Appliance

October 29, 2012 2 comments

Recently I wrote about Updating CA SSL Certificates in vSphere 5.1 which applied to the Windows installable version of the vCenter 5.1 and it’s supporting components including SSO. VMware has now also released the instructions to update the CA SSL certificates in the vSphere 5.1 vCenter Virtual Appliance.

Read more…

Updating CA SSL Certificates in vSphere 5.1

October 27, 2012 10 comments

Over the past few weeks I have been working behind the scenes with a team of people at VMware spread around the globe on the process to successfully change out the self-signed certificates in vSphere 5.1. With the introduction of Single Sign-On in vSphere 5.1 the process is somewhat more complicated than vSphere 5 (ok quite a lot more complicated). But now I’m able to bring you some of the solutions you’ve all been waiting for.

Read more…

VMworld US 2012 and vSphere 5.1 Launch Roundup – My First VMworld

September 23, 2012 2 comments

The twitter wires and blogosphere were ablaze with news out of VMworld US 2012 (August 27 – 30th). This was my first ever VMworld (with hopefully many more to come), and I greatly enjoyed it and I also enjoyed meeting many of you. My direct flight home to Auckland from San Francisco on Air New Zealand was the best flight I’ve ever had, and I got a full 8 hours sleep so I didn’t have any jetlag (Thanks Air New Zealand). But this article is all about my take on the event, what I learned, and vSphere 5.1. I’ve decided to do something slightly different to others, to take it all in, and then write this roundup post VMworld. I’m also going to target this towards the relevance to production and business critical applications environments. I’ll also give you some insight into the sessions I presented, the results and my lessons learned. Read more…

vCert Manager – Changing VMware SSL Certs Made Easy

September 15, 2012 29 comments

During my VMworld session presentation INF-SEC1282 Automating Security and Compliance with DR (VMworld account required to access recording) I gave a world premier glimpse of a prototype solution that will allow completely automated management of SSL Certificates in a vSphere environment. The solution is still under development. But if you’d like to peak into the future of an easy and completely automated SSL management world for vSphere then this article is for you.

Read more…

vSphere 5.1 Generally Available – Important Upgrade Considerations

September 12, 2012 21 comments

vSphere 5.1 was greatly anticipated by all of the VMware Customers that watched the VMworld keynote address and attended the early VMworld sessions and today it became generally available for download on the VMware web site. Even though this is a dot release for VMware it brings some important new features and functionality, not just for the core vSphere hypervisor, but also the other products that make up the core of the vCloud Suites, including vCloud Networking and Security, vCloud Director and Site Recovery Manager. This article will cover some important considerations that you need to consider when you are planning to upgrade to vSphere 5.1.

Read more…

vSphere 5 Security Hardening Guide – Final Official Release

June 2, 2012 2 comments

The vSphere 5 Security Guide has been officially released. There are a number of changes and enhancements and you should go through each to review the applicability to your environment and compare it to the vSphere 4.1 Hardening Guide. Since the public draft there have also been some significant changes that you should take time to review.

Read more…

vSphere 5 Security Hardening Guide – Public Draft

April 19, 2012 2 comments

The vSphere 5 Security Guide has been released publicly in draft form for comment. There are a number of changes and enhancements and you should go through each to review the applicability to your environment. Here is one of the highlights of the new version from my perspective and links through to the documents. It’s hard work putting this hardening guide together so thanks to Charu, Ben, Grant and Kyle, and the rest of the VMware Team for all their hard work on this.

Read more…

Updating SSL Certificate in vShield Manager Made Easy

March 31, 2012 3 comments

I was contacted recently by Maish Saidel-Keesing (@maishsk), who is a vExpert, fellow tweeter and top 50 virtualization blogger at asking if I had updated the SSL Certs in vShield Manager at all. At this point I have updated quite a lot of certs for customers and in my lab but vShield wasn’t one of them and it was still firmly on my To Do list. He challenged me to see if I could get it working, so I set about updating my vShield Manager SSL Certs and helped Maish do the same in his environment. It wasn’t quite as hard as some of the other tools when it comes to changing SSL Certs, but it wasn’t entirely straight forward either. If you want to know how to do it the easy way, read on.

Read more…