Export the CA certificate for ZCM

During the installation of ZCM10 you’re asked if you want to use a external CA (Certificate Authority) of a internal CA. If you’re using a internal CA it’s important to backup the CA certificate in case you lose the server who is the CA for your ZCM zone. If you lose your CA all the certificates singed by this CA are worthless. That’s ain’t a nice thing in a ZCM enviroment where almost all the communication is encrypted through SSL!

So the first thing to do after the installtion of the first primary ZCM server is to backup the CA. You can accomplish this by entering the command:

zman certificate-authority-export [path and file name]

You’re prompted for a username and password who has the right for exporting the certificate (mostly Administrator) and a passpharse for securing the file.
This passphrase has to have a minimum lenght of 10 carachters. Please store this passphrase in a secure location. If you lose this passphrase the exported CA file is worthless because you need this passpharse to import the certificate.

Importing the certificate is done by entering the command:

zman certificate-authority-import [path and file name]

Again you’re prompted for a username and password who has the right for importing the certificate as the passpharse.

About Michael
Michael Wilmsen is a experienced VMware Architect with more than 20 years in the IT industry. Main focus is VMware vSphere, Horizon View and Hyper Converged with a deep interest into performance and architecture. Michael is VCDX 210 certified, has been rewarded with the vExpert title from 2011, Nutanix Tech Champion and a Nutanix Platform Professional.

RSS feed for comments on this post.

Leave a Reply

You must be logged in to post a comment.