Hi Luc,
how to check sslcertificates validity using powercli .
also in what sceneriosdo we need to replace VMCA to third partycertificatuin authority ?
Afaik, there are no public API available to check the validity of those certificates (I wish there were).
You can activate an Alarm which will be triggered before a certificate expires.
You can control how far in advance that event will be given with the VCSA advanced setting vpxd.cert.threshold
As stated in Certificate Management Overview the choice depends on what your local requirements are.
In short (and in my opinion), there are no technical reasons or advantages to replace the VMCA, but there might be local policy requirements.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference
Thanks Luc.
i got following from net ,
https://michaelryom.dk/validate-ssl-expiration-date/
to check expiration dates iam not sure what method is being folllowed.however can yu check this and suggest if it is working at yur end.
Yes, this seems to work for ESXi nodes and the VCSA.
It uses the .Net ServerCertificateValidationCallback method.
Nice find.
Blog: lucd.info Twitter: @LucD22 Co-author PowerCLI Reference