The Virtualization Room

Oct 29 2012   3:18PM GMT

VMware issues SSO patch, new SSL documentation

Beth Pariseau Beth Pariseau Profile: Beth Pariseau

VMware has released a software update to vCenter Server and a new package of documentation meant to address widespread problems with single sign on and SSL certificates uncovered by users of vSphere 5.1.

However, since the patch was released last Thursday, VMware bloggers who have gone over the release notes with a fine-toothed comb have pointed out some ‘gotchas’ and open questions pertaining to the purported fix.

Earlier this month, VMware shops were up in arms over problems with the vSphere 5.1 Single Sign-On feature, which is now a required part of vCenter Server 5.1 installation. Problems included failed vCenter services on startup and an inability to login to vCenter Server.

Various failure scenarios and the login issue are resolved issues in vCenter Server 5.1.0a.

But there are also new issues brought up in the release notes that hadn’t been publicly documented before, according to a blog post by Maish Saidel-Keesing, a virtualization architect for an Israeli technology company.

These issues include added overhead to the installation process – VMware recommends using an independent installer at this point rather than a simple installer, for example, and requires manually created database users rather than an automatically created ones.

“It is good to see that VMware have fixed some problems with the installation process,” wrote Saidel-Keesing. But he’s still left asking, “Was the release rushed out – so that these issues were not addressed beforehand?”

Separately, VMware issued a new package of documentation around updating SSL certificates, based largely on a series of blog posts by Derek Seaman, a vExpert at a major telecom company.

Michael Webster, a VMware Certified Design Expert and director of IT Solutions 2000 Ltd., a VMware consultancy based in Auckland, New Zealand, noted in a blog post that there’s still a ‘gotcha’ with SSL certificates in a certain scenario:

when vCenter system is an all in one configuration with everything on the same VM and using a local [Microsoft] SQL Server database. Update Manager will not be able to log into or register with vCenter when the SSL certificates have been changed. This prevents you from updating the SSL certs for Update Manager and Update Manager may no longer work. This does not appear to occur when the MS SQL Server database is remote.

For that reason, Webster says he is recommending that clients place vCenter Server and the SQL Server database on separate VMs, even in small environments.

In the meantime, Webster is building his own utility for SSL certificate management, called vCert Manager, which will allow completely automated management of SSL certificates in a vSphere environment.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: