How can i make a Cert for Vspere


I using a Vspere server and a VMware vCenter Server Appliance.
Now i will make 2 cert. for this 2 ips.
The problem is, the vspere and cvsa dont support the “git clone” also i cand download the client.
Wo can i make ther cert. for my?
Sorry for my Bad english (german user)
Greetz Conan


You may be better using one of the alternate clients

which the client can I use on the vSphere?

I don’t have access to Vspere to test.

I’d imagine that should work. You don’t need to install from git - you can just copy the files you need.

And again the question: Do you need vSphere access for unrelated third parties? If you don’t, why use a public CA and not your own? And if you do, that’s a whole other can of worms.

I have try the script, i have send the script on /tmp, when i run the script, the anwser is:
ERROR: Challenge is invalid! (returned: invalid) (result: {“type”:“http-01”,“status”:“invalid”,“error”:{“type”:“urn:acme:error:unauthorized”,“detail”:
i think i make whta wrong :expressionless:

Do you have a publicly accessible domain name associated with it ?

i wont use this ipv4 and ipv6 are statik and worte in the dyndns add.

I don’t think you can currently get a cert for a dyndns domain. is on the public suffix list; do you know of some other reason why people can’t get certs for it now?

1 Like

No, I checked the posts for anyone who said they had been successful recently, and couldn’t find any ( other than the older posts saying there were issues ), hence the “I don’t think”. Happy to be corrected if it now works for :slight_smile:

its donst work on my vcsa. i make it today new, script is from 10.02.2016 10:38:52
i think the problem is the web interface from vcsa, the erros massage is
user:./ --cron
!! WARNING !! No main config file found, using default config!
Processing with alternative names:

  • Signing domains…
  • Generating private key…
  • Generating signing request…
  • Requesting challenge for
  • Requesting challenge for www…
  • Responding to challenge for
    ERROR: Challenge is invalid! (returned: invalid) (result: {“type”:“http-01”,“status”:“invalid”,“error”:{“type”:“urn:acme:error:unauthorized”,“detail”:"Invalid response from .well-known/acme-challenge/

@Conan179, what validation method are you using and how did you select it?

Is it intentional that you’re requesting both “tabgalaxyxxxx” and “tabgalaxyxxx” names?

oh, i dont know.
i donst know, where i using the script, i try the first command, that shohing with "?"
No, xxx are only to mask the real addres.