Menu

Virtual Geek

Tales from real IT system administrators world and non-production environment

Blog posts : "ssl"

VMware vSphere vCenter replace machine SSL certificate with custom CA signed certificates

There is a best security practice to implement authorized SSL Certificates on VMware infrastructure. Here I am installing certificates on the vSphere vCenter server. By default VMCA (VMware Certificate Authority) signed certificate is installed on the vCenter server. Which you can see under vSphere …

Read more

Export certificates from Azure Key Vault using PowerShell

While working with Azure Key Vault Certificate Create Azure Key Vault Certificates on Azure Portal and Powershell, Next requirement was to download those certificates from Key Vault. On the Azure Portal choose the SSL Certificate you want to export. Click buttons Download in CER format or Download…

Read more

Get started and configure certificate-based authentication in Azure

Connecting SSL certificate based login to Azure can help increased authentication security, if you maintain certificates very well. In my case I wrote few scripts and I wanted to automate  Azure. As my user account is configured with MFA (My scripts scheduling was failing due to this) and I didn't w…

Read more

PowerShell Invoke-WebRequest The underlying connection was closed: Could not establish trust relationship for the SSL TLS secure channel.

I face below error frequently whenever try to automate a website running self signed or invalid certificate, Here is my lab vCenter server for demo which is using self signed SSL certificate. This causes my script to fail whenever using Invoke-WebRequest to automate website. You can trust the cer…

Read more

How to sign PowerShell ps1 scripts

By reading the article subject first question rose to the mind why you should sign PowerShell scripts? The answer is whenever we download powershell script or we receive it from another users, The digital signature allows the user to confirm the validity of the certificate used to sign the script.…

Read more

Configure PowerShell remoting between Windows and Linux

After opensource PowerShell core 6 for linux was available to download, I wrote an article on it - How to Install and Use Microsoft PowerShell on Linux. This is just an addition to same guide. Few of my linux servers were installed with PowerShell core and they were installed with few PS modul…

Read more

Powershell WinRM HTTPs CA signed certificate configuration

This guide is not specific to configuration but it also shows how I troubleshooted CA signed certificate issue while configuring WinRM listener. This is a third part of PowerShell remoting over HTTPS using self-signed SSL certificate, For security best practices instead of going with Self signed ce…

Read more

Configure Powershell WinRM to use OpenSSL generated Self-Signed certificate

PowerShell remoting over HTTPS using self-signed SSL certificate

This is a step by step guide and will show you how to use HTTPS port  and self signed SSL certificate while using Powershell Remoting. On the PSRemoting regards I had already written one article in the past POWERSHELL PS REMOTING BETWEEN STANDALONE WORKGROUP COMPUTERS, When you use WinRM PSRemot…

Read more

How to replace default vCenter VMCA certificate with Microsoft CA signed certificate

VMCA (VMware Certificate Authority) is a one of the components in PSC (Platform services controller) inbuilt into vCenter server 6.x. VMCA is Certificate Authority and works as same as Microsoft CA certificate. It can issue certificates to VMware components i.e. vCenter, ESXi servers. In my previous…

Read more

Push SSL certificates to client computers using Group Policy

In my earlier article I shown how to Generate new self-signed certificates for ESXi using OpenSSL. Importing this certificate in local certificates store is good for single computer or 2-3 systems, but may be tedious task if you want to maintain it on more than 10 systems, think what happens if the…

Read more

11 blog posts

Blog Search

Page Views

11240200

Follow me on Blogarama