Before you configure the integration of vIDM with NSX, you must get the certificate thumbprint from the vIDM host.
You can check your version of OpenSSL with the following command:
On a server that is not the vIDM host, you can use the
openssl command that is running OpenSSL version 1.x or later.
openssl version
Procedure
- Log in at the vIDM host's console, or SSH to the vIDM host as the user sshuser, or log in to any server that can ping the vIDM host.
- Run one of the following commands to get the thumbprint of the vIDM host.
- If you are logged in to a server that can ping the vIDM host, run the openssl command to get the thumbprint:
openssl s_client -connect <FQDN of vIDM host>:443 < /dev/null 2> /dev/null | openssl x509 -sha256 -fingerprint -noout -in /dev/stdin
- If you are logged in to the vIDM host, do one of the following:
- If the OpenSSL version is 0.9.x or earlier, run the following command:
openssl1 s_client -connect <FQDN of vIDM host>:443 < /dev/null 2> /dev/null | openssl x509 -sha256 -fingerprint -noout -in /dev/stdin
If you get an error running the command, you might need to run openssl1 with the sudo command, that is, sudo openssl1 ....
- If the OpenSSL version is 1.x or later, run the following command:
openssl s_client -connect <FQDN of vIDM host>:443 < /dev/null 2> /dev/null | openssl x509 -sha256 -fingerprint -noout -in /dev/stdin
If you get an error running the command, you might need to run openssl with the sudo command, that is, sudo openssl ....
- If the OpenSSL version is 0.9.x or earlier, run the following command:
- If you are logged in to a server that can ping the vIDM host, run the openssl command to get the thumbprint: