How can i make a Cert for Vspere


#1

Hello@all

I using a Vspere server and a VMware vCenter Server Appliance.
Now i will make 2 cert. for this 2 ips.
The problem is, the vspere and cvsa dont support the “git clone” also i cand download the client.
Wo can i make ther cert. for my?
Sorry for my Bad english (german user)
Greetz Conan


#2

Hi,

You may be better using one of the alternate clients


#3

which the client can I use on the vSphere?


#4

I don’t have access to Vspere to test.

I’d imagine that letsencrypt.sh should work. You don’t need to install from git - you can just copy the files you need.


#5

And again the question: Do you need vSphere access for unrelated third parties? If you don’t, why use a public CA and not your own? And if you do, that’s a whole other can of worms.


#6

I have try the script, i have send the script on /tmp, when i run the script, the anwser is:
ERROR: Challenge is invalid! (returned: invalid) (result: {“type”:“http-01”,“status”:“invalid”,“error”:{“type”:“urn:acme:error:unauthorized”,“detail”:
i think i make whta wrong :expressionless:


#7

Do you have a publicly accessible domain name associated with it ?


#8

i wont use this tabgalaxyxxx.dyndns.info ipv4 and ipv6 are statik and worte in the dyndns add.


#9

I don’t think you can currently get a cert for a dyndns domain.


#10

dyndns.info is on the public suffix list; do you know of some other reason why people can’t get certs for it now?


#11

No, I checked the posts for anyone who said they had been successful recently, and couldn’t find any ( other than the older posts saying there were issues ), hence the “I don’t think”. Happy to be corrected if it now works for dyndns.info :slight_smile:


#12

its donst work on my vcsa. i make it today new, script is from 10.02.2016 10:38:52
i think the problem is the web interface from vcsa, the erros massage is
user:./letsencrypt.sh --cron
!! WARNING !! No main config file found, using default config!
Processing tabgalaxyxxxx.dyndns.info with alternative names: www.tabgalaxyxxx.dyndns.info

  • Signing domains…
  • Generating private key…
  • Generating signing request…
  • Requesting challenge for tabgalaxyxxxx.dyndns.info
  • Requesting challenge for www .tabgalaxyxxx.dyndns.info…
  • Responding to challenge for tabgalaxyxxx.dyndns.info
    ERROR: Challenge is invalid! (returned: invalid) (result: {“type”:“http-01”,“status”:“invalid”,“error”:{“type”:“urn:acme:error:unauthorized”,“detail”:"Invalid response from http://tabgalaxyxxx.dyndns.info/ .well-known/acme-challenge/

#13

@Conan179, what validation method are you using and how did you select it?

Is it intentional that you’re requesting both “tabgalaxyxxxx” and “tabgalaxyxxx” names?


#14

oh, i dont know.
i donst know, where i using the script, i try the first command, that shohing with "?"
No, xxx are only to mask the real addres.