about_invalid_certificates.help.txt
TOPIC
Handling Invalid Certificates SHORT DESCRIPTION When you connect to a vCenter Server or vCloud Director system, the server checks for valid certificates. If the certificate is not recognized, the Invalid Certificate prompt appears. LONG DESCRIPTION When you connect to a vCenter Server or vCloud Director system, the server checks for valid certificates. If the certificate is not recognized, the Invalid Certificate prompt appears. You can select one of the four options provided by the Invalid Certificate prompt: - Deny - Cancel the server connection. - Connect once - Establish the server connection and suppress further warnings for the current PowerShell session. - Add a permanent exception for the server_address/certificate pair - Persist the server certificate in the PowerCLI Trusted Certificate Store (PCTCS) for the current user and establish the server connection. - Add a permanent exception for all users - Persist the server/certificate pair both in the current user PowerCLI Trusted Certificate Store (PCTCS) and in the All Users PCTCS and establish the server connection. To set the default behavior of vSphere PowerCLI when no valid certificates are recognized, use the InvalidCertificateAction parameter of the Set-PowerCLIConfiguration cmdlet. POWERCLI TRUSTED CERTIFICATE STORE (PSTCS) The PowerCLI Trusted Certificate Store (SslCertificateExceptions.csv) is a CSV file with two columns: server_address and certificate_thumbprint. You can edit the (PSTCS) manually by using a text editor. There are two PSTCS files: - The current user PSTCS is located in the %APPDATA%\VMware\PowerCLI directory of the user. - The All Users PSTCS is located in %ALL USERS APPDATA%\VMware\PowerCLI. The local certificate storage file is purposely simple and you can easily import and export certificates from one machine to another or fill it with certificates automatically. Send feedback to docfeedback@vmware.com | Copyright (C) VMware, Inc. All rights reserved. Protected by one or more U.S. Patents listed at http://www.vmware.com/go/patents. |