Before you configure the integration of vIDM with NSX-T, you must get the certificate thumbprint from the vIDM host.

You must use OpenSSL version 1.x or higher for the thumbprint. In the vIDM host, the command openssl runs an older OpenSSL version and therefore you must use the command openssl1 in the vIDM host. This command is only available from the vIDM host.

In a server that is not the vIDM host, you can use the openssl command that is running OpenSSL version 1.x or higher.

Procedure

  1. Log in to the vIDM host's console or by using SSH or log in to any server that can ping the vIDM host.
  2. Use OpenSSL version 1.x or higher to get the thumbprint of the vIDM host.
    • openssl1: If you are logged in to the vIDM host in a console or using SSH, run the following command to get the thumbprint:
      openssl1 s_client -connect <FQDN of vIDM host>:443 < /dev/null 2> /dev/null | openssl x509 -sha256 -fingerprint -noout -in /dev/stdin
    • openssl: If you are logged in to a server that can ping the vIDM host but is not the vIDM host, run the following command to get the thumbprint:
      openssl s_client -connect <FQDN of vIDM host>:443 < /dev/null 2> /dev/null | openssl x509 -sha256 -fingerprint -noout -in /dev/stdin