VMware's free vCenter Certificate Automation Tool simplifies updates

VMware's vCenter Certificate Automation Tool is barely out of beta, but users are optimistic it will ease the nightmarish certificate update process.

BOSTON -- While some experts laud the time and energy that VMware's new, free vCenter Certificate Automation Tool saves, others await a more full-fledged offering.

Automation has become a trusted tool for many admins as they are continually tasked to do more with less. Jumping on this trend in virtualization, and hoping to fill security gaps in vSphere 5.1, VMware Inc. released vCenter Certificate Automation Tool 1.0 in April 2013.

The tool can save three to four days of admins' time and allow smaller companies to focus more on security, according to Mark Gabryjelski, virtualization practice manager at WEI and VCDX #23.

Moving away from self-signed SSL certificates

VMware uses self-signed SSL certificates by default because they are easy to deploy and avoid the cost of having a third-party certificate authority verify authenticity. But self-signed certificates only offer sufficient security when communication remains within a private network and users won't always be able to confirm they are connecting to your server.

Since releasing vSphere 5.1, VMware has taken steps to add other certificates for more secure connections.

"[VMware vSphere] 5.1 was released with extra steps needed to configure the security, without the tools to do it," Brad Maltz, VCDX #36, chief technology officer of Lumenate, said at a VMUG meeting here this month.

The vCenter Certificate Automation tool provides some of the missing capabilities in vSphere 5.1 to assist admins updating their certificates.

"[The tool] makes it easy to apply really good security to a very important part of your infrastructure," said Steve Athanas, Boston VMUG leader and director of systems engineering at the University of Massachusetts Lowell.

Automation to the rescue

Athanas has definite plans to use the tool. "From a user perspective, it's onerous to update certificates across your entire environment," he said.

As with other automation strategies, the tool facilitates a tedious, time-consuming task and helps avoid human error. It's also aimed at making the new certificates more user-friendly. Certificate management is often confusing because of the large array of available certificates and the fact that software vendors generally prefer their own tools.

Not everyone is singing vCenter Certificate Automation Tool's praises, however.

The certificate tool is only a step in the right direction, said Maish Saidel-Keesing, infrastructure administrator and virtualization architect for NDS Group in Jerusalem. Furthermore, the automation process itself comes with risks and the IT community has differing opinions about when, what and how to automate.

Nevertheless, vCenter Certificate Automation should especially benefit small businesses and midmarket customers without certificate teams, as well as those deploying virtual desktop infrastructures where certificates are even more critical.

You can download VMware vCenter Certificate Automation Tool 1.0 for free from the VMware download website.

Dig deeper on VMware management tools

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Related Discussions

Julia Anderson asks:

Will you use vCenter Certificate Automation Tool to update your certificates?

0  Responses So Far

Join the Discussion

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchVMware

SearchWindowsServer

SearchCloudComputing

SearchVirtualDesktop

SearchDataCenter

Close