You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
hello im just posting this issue for folks who land here trying to setup pykmip with esxi and it "doesnt work" or you get com.vmware.vim.vmomi.core.exception.MarshallException: KeyProviderId required property id not set
in, at least, esxi 6.7, it seems the extended ssl properties are required. most random blogs will have you config the server with enable_tls_client_auth=False but this wont work out of the box.
when you setup your ssl cert, add the extended stuff like openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /etc/ssl/private/selfsigned.key -out /etc/ssl/certs/selfsigned.crt -addext "extendedKeyUsage = serverAuth, clientAuth" and set the server config to True. esxi will work out of the box.
i saw in the pykmip log it was complaining about lack of extended ssl properties.
hope this helps home lab folks.
The text was updated successfully, but these errors were encountered:
hello im just posting this issue for folks who land here trying to setup pykmip with esxi and it "doesnt work" or you get
com.vmware.vim.vmomi.core.exception.MarshallException: KeyProviderId required property id not setin, at least, esxi 6.7, it seems the extended ssl properties are required. most random blogs will have you config the server with
enable_tls_client_auth=Falsebut this wont work out of the box.when you setup your ssl cert, add the extended stuff like
openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /etc/ssl/private/selfsigned.key -out /etc/ssl/certs/selfsigned.crt -addext "extendedKeyUsage = serverAuth, clientAuth"and set the server config to True. esxi will work out of the box.i saw in the pykmip log it was complaining about lack of extended ssl properties.
hope this helps home lab folks.
The text was updated successfully, but these errors were encountered: