September 2022 Archives

Thu Sep 29 13:03:32 +07 2022

Some stuff related to VMware and SSL certificates

Certificates are located in /etc/vmware/ssl

    rui.key is the private key, mode 400
    rui.crt is the certificate + the CA, mode 644

The private key is installed once and for all.
The certificate is generated/installed by ~on/letsencrypt/install_cert_virtual

After installing the new certificates, restart the management agents:

    /etc/init.d/hostd restart
    /etc/init.d/vpxa restart

If that does not work, try to restart the agent manually from the console.
Or try the command dcui from an ssh connection.

I have not tried the solutions below.
See also https://www.nakivo.com/blog/how-to-restart-management-agents-on-a-vmware-esxi-host/

4. Use this command as an alternative, to restart all management agents on the ESXi host.

    services.sh restart & tail -f /var/log/jumpstart-stdout.log

The progress of the VMware agents restart is displayed in the console output.

5. You can also try to reset the management network on a VMkernel interface:

    esxcli network ip interface set -e false -i vmk0; esxcli network ip interface set -e true -i vmk0

The vmk0 interface is used by default on ESXi. If you have a different name for the management network interface, use the appropriate interface name in the command.

This complex command consists of two basic commands separated by ; (semicolon). The vmk0 management network interface is disabled by the first part of the command. When this part is executed successfully and vmk0 is down, then the second part of the command is executed to enable the vmk0 interface. As a result, the ESXi management network interface is restarted.

The authorized_keys file for root is in /etc/ssh/keys_root/authorized_keys
It can be used from ufo:

    sudo ssh -i /root/.ssh/id_rsa_virtual root@virtualX

Crontab for root is in /var/spool/cron/crontab/root
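
A pre-restart sanity check for the certificate pair described above, as an added example that is not part of the original notes. The function name and return codes are hypothetical, and it assumes `openssl` and a GNU/busybox-style `stat -c` are available on the host:

```shell
#!/bin/sh
# Added example: check the rui.key / rui.crt pair before restarting
# hostd and vpxa. Function name and return codes are hypothetical.
# Returns: 0 ok, 1 file missing, 2 wrong key mode, 3 wrong cert mode,
#          4 certificate does not match the private key, 5 certificate expired
check_esxi_cert() {
    dir="${1:-/etc/vmware/ssl}"
    key="$dir/rui.key"
    crt="$dir/rui.crt"

    [ -f "$key" ] && [ -f "$crt" ] || return 1

    # Modes stated in the notes: private key 400, certificate + CA 644.
    # stat -c is the GNU/busybox form (assumption about the host).
    [ "$(stat -c %a "$key")" = "400" ] || return 2
    [ "$(stat -c %a "$crt")" = "644" ] || return 3

    # The key is installed once and only the certificate is renewed, so the
    # renewed certificate must carry the public key of the existing key.
    # openssl x509 reads the first PEM block of rui.crt, assumed here to be
    # the host certificate with the CA after it.
    crt_pub="$(openssl x509 -in "$crt" -noout -pubkey 2>/dev/null)" || return 4
    key_pub="$(openssl pkey -in "$key" -pubout 2>/dev/null)" || return 4
    [ -n "$crt_pub" ] && [ "$crt_pub" = "$key_pub" ] || return 4

    # Refuse a certificate that is already past its notAfter date.
    openssl x509 -in "$crt" -noout -checkend 0 >/dev/null 2>&1 || return 5
    return 0
}
```

Calling `check_esxi_cert` with no argument checks /etc/vmware/ssl; a non-zero return means the agents would come back up with a broken or mismatched certificate, so it is worth running before the restart commands.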

Posted by Olivier | Permanent link

Thu Sep 29 12:47:49 +07 2022

chown error in slapd start

I would like to report a small inconvenience in the port of openldap26-server on FreeBSD.

The startup script /usr/local/etc/slapd includes the line:

    chown -RL "$slapd_owner" "${DBDIR}"

around line 127.

My DBDIR is a file system mounted to only contain LDAP data:

    fbsd63<root>334: mount -p |grep da1p1
    /dev/da1p1 /var/db/openldap-data ufs rw 2 2

As such, it contains the file .sujournal that is not changeable:

    fbsd63<root>335: ll -o /var/db/openldap-data/.sujournal
    4 65600 -r-------- 1 root wheel schg,sunlnk,nodump,opaque 33554432 Sep 20 12:02 /var/db/openldap-data/.sujournal

The chown in the startup script throws an error:

    fbsd63<root>336: /usr/local/etc/rc.d/slapd restart
    Stopping slapd.
    Waiting for PIDS: 41425.
    chown: /var/db/openldap-data/.sujournal: Operation not permitted
    Performing sanity check on slap configuration: OK
    Starting slapd.

The script still works, but it may be confusing for some users who have their DBDIR as an independent filesystem.

Posted by Olivier | Permanent link