Overview
Provides steps to import the IdenTrust CA certificate chain into VMware vSphere to prevent invalid certificate messages during OVA deployment.
The Catalyst Center Global Manager OVA file is signed with an IdenTrust CA certificate. This certificate is not included in the default VMware truststore. As a result, the Deploy OVF Template wizard's Review details page displays an invalid certificate message after you complete the wizard. To prevent this, import the IdenTrust certificate chain to the host or cluster where you plan to deploy the OVA file.
Before you begin
-
You must have a VMware ESXi host or cluster where the Catalyst Center Global Manager virtual appliance will be deployed.
-
Confirm you have administrator access to the target vSphere host or cluster.
-
Locate the download site for both the OVA file and the related IdenTrust CA certificate (trustidevcodesigning5.pem).
Procedure
| 1. | On the VMware Catalyst Center Global Manager host or cluster where your virtual appliance will reside, download and extract trustidevcodesigning5.pem from the same location specified for downloading the Catalyst Center Global Manager OVA file. |
|
| 2. | Unzip this file if it is compressed. |
|
| 3. | Log in to the vSphere Web Client managing the host or cluster. |
|
| 4. | Choose . |
|
| 5. | In the Trusted Root Certificates field, click Add. |
|
| 6. | In the Add Trusted Root dialog box, click Browse. |
|
| 7. | Navigate to the location of the certificate chain you downloaded in Step 1 (trustidevcodesigning5.pem). Select the file, then click Open. |
|
| 8. | Check the Start Root certificate push to vCenter Hosts check box, then click Add. |
You see a message confirming that the certificate chain was imported successfully.
After you complete the Deploy OVF Template wizard, the Review details page shows that you are using a trusted certificate in the Publisher field.