Virtual Geek

For anyone following this guide. Few Tips:

1. If it is a windows box run the command window as administrator so that you can see the errors.

If you have a two tier PKI structure like mine (RootCA and Intermediate CA) on the machine cert copy and paste the whole certs in the chain. Like this
−−−−−−BEGIN CERTIFICATE−−−−−−
*Device cert*
−−−−−−END CERTIFICATE−−−−−−
−−−−−−BEGIN CERTIFICATE−−−−−−
*Intermediate CA cert *
−−−−−−END CERTIFICATE−−−−−−−−
−−−−−−BEGIN CERTIFICATE−−−−−−
*Root CA cert *
−−−−−−END CERTIFICATE−−−−−−

and for the root certificate combine both intermediate and root certificate by copy paste.
−−−−−−BEGIN CERTIFICATE−−−−−−
*Intermediate CA cert *
−−−−−−END CERTIFICATE−−−−−−−−
−−−−−−BEGIN CERTIFICATE−−−−−−
*Root CA cert *
−−−−−−END CERTIFICATE−−−−−−

Thanks Roman - Thanks for notifiying, I have updated missing "-" in front of CertificateThumbPrint

New-Item -Path WSMan:\localhost\Listener\ -Transport HTTPS -Address * CertificateThumbPrint $serverCert.Thumbprint -Force

missing "-" before CertificateThumbPrint

Thank iChayan, for comment. Use and connect to your PSC to configure VMCA,

You will need to restart vcenter services in the last.

Hi

Thank you for the brilliant article, especially for this link https://blogs.vmware.com/vsphere/2018/11/external-platform-services-controller-a-thing-of-the-past.html, we are on 6.5 and we are unable to deploy NSX as we cant turn on enhanced link mode on the Dell EMC VXRail embedded vcentre and external PSC.

I have an external psc, what should I provide for this "VMCA Name: the FQDN where is located your VMCA. Usually the vCSA FQDN" vcentre or psc?

Also do I need to do anything on the psc?

Thanks in advance.