windows

Upload to Datastore failure – Self Signed Certificate Error

When uploading file to Datastore you receive: The operation failed for an undetermined reason.  Typically this problem occurs due to certificates that the browser does not trust….

1

In most corporate environments you will be using an Internal or External Certificate Authority and so you will be looking to use that, however in my lab I haven’t set one up.

When you connect to your vCenter (I have tested with Chrome and IE) you receive: There is a problem with this websites security certificate

2

Select Continue to this Website (not recommended)

Your vCenter page will load.  At the Bottom Right there is an option to Download trusted root CA certificates

NOTE: I only saw and tested this with vSphere 6.5 and with the VCSA – I have read this option is only available with VCSA and in 6+

3

Select this and save the ZIP file

Open the file and navigate to the Certs folder – there will be a Linux, Mac and Windows folder – open the appropriate folder4

There are two files, we want the file ending in 0 (NOT r0)

Extract this file by dragging to an appropriate directory

Rename the file by changing the extension from .0 to .cer

5

Open a Command Prompt with Administrator rights and select Yes at the Prompt6

Type: certmgr.msc

7

And press Enter – this will bring up the Certificate Manager

Navigate to Trusted Root Certification Authorities and expand this

Right click on Certificates and select All Tasks > Import

8

Select Next and Browse to the Certificate you just renamed and select Next

9

Leave the Defaults and Finish

Select Yes at the Security Warning

10

And you should see: Import Successful

Close your Browser and then Re-open and try to access vCenter again

11

After this I was able to upload files to my datastores

VIRTUAL LAB – PART 2 – Domain Controller Setup

The next step is to spin up a Windows Server 2016 Domain Controller – this will provide DNS and Active Directory.

I provisioned the VM with 2GB RAM, 1 Processor and a 50GB HDD (this may need tweaking but should be enough to get started) and I have mapped the ISO.  When you deploy the Server make sure you set a complex password for the Administrator account before starting the AD configuration as it will “promote” your local administrator account to a Domain Admin.

Windows Update
The first thing Im going to do is run an Update (as this Server will not be connected to the Internet after this point).  At the moment it is connected as Host-Only, so I need to change that to Bridged (more…)