VMware – Replace the ESX Certificate
May07

VMware – Replace the ESX Certificate

ESX Certificate KB ID 0000974  Problem ESXi comes with a self-signed certificate, and for most people that’s fine, but some clients want to have a ‘Trusted’ certificate on theirs, and have their own PKI infrastructure for issuing them. Below I will generate a new certificate for my ESXi server using the Active Directory Certificate Services role on Windows Server 2012. Then replace the self-signed certificate with my new...

Read More
Windows Server – Enable LDAPS
Jan17

Windows Server – Enable LDAPS

KB ID 0000962  Problem Note: Starting with Windows Server 2019, LDAPS (LDAP over SSL/TLS) is enabled by default, assuming a Server Authentication certificate is installed on the Domain Controller. Active Directory is built on LDAP, I’ve known this for a long time, but other than it’s a directory protocol that’s about all I did know. Like any directory, if you want information when you query the directory it returns a...

Read More
Upload Files to VMware Datastore Fails
Apr11

Upload Files to VMware Datastore Fails

KB ID 0001777 Problem Whilst attempting to upload an ISO into a VMware datastore this morning, I got this error; The operation failed for an undetermined reason. Typically this problem occurs due to certificates that the browser does not trust. If you are using self-signed or custom certificates, open the URL below in a new browser tab and accept the certificate, then retry the operation. Solution I’ve encountered this exact...

Read More
Windows Server – Install and Configure NDES
Oct21

Windows Server – Install and Configure NDES

KB ID 0000947  Problem NDES, is the name for what we used to call MSCEP, which was an ‘add-on’ for the Server 2003 family of servers. In Server 2008 it was renamed to NDES. It is a role service that runs on a Certificate Services Server, and is used to create a registration authority (RA) that can issue certificates from your PKI infrastructure to network devices, i.e. Routers, Firewalls and Switches. Solution Installing...

Read More
The Web Site for the CA Must be Configured to use HTTPS
Jan13

The Web Site for the CA Must be Configured to use HTTPS

KB ID 0000838  Problem When attempting to contact a server running the Certification Authority Web Enrolment role, you may see the following error. In order to complete certificate enrolment, the Web site for the CA must be configured to use HTTPS authentication Solution The correct fix is to set the web server (IIS) to serve the certificate website securely using https, though you can just set Internet explorer to ‘work’...

Read More