You can decrypt or re-encrypt an encrypted core dump on your ESXi host by using the crypto-util CLI.

Before you begin

The ESXi host key that was used to encrypt the core dump must be available on the ESXi host that generated the core dump.

About this task

You can decrypt and examine the core dumps in the vm-support package yourself. Core dumps might contain sensitive information. Follow your organization's security and privacy policy to protect sensitive information such as host keys.

For details about re-encrypting a core dump and other features of crypto-util, see the command-line help.

Note: crypto-util is for advanced users.

Procedure

  1. Log in directly to the ESXi host on which the core dump happened.

    If the ESXi host is in lockdown mode, or if SSH access is disabled, you might have to enable access first.

  2. Determine whether the core dump is encrypted.

    Option              Description
    Monitor core dump   crypto-util envelope describe vmmcores.ve
    zdump file          crypto-util envelope describe --offset 4096 zdumpFile

  3. Decrypt the core dump, depending on its type.

    Option              Description
    Monitor core dump   crypto-util envelope extract vmmcores.ve vmmcores
    zdump file          crypto-util envelope extract --offset 4096 zdumpEncrypted zdumpUnencrypted
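
Steps 2 and 3 combined into one wrapper, as an added example that is not VMware's code: it runs describe first, extracts only if that succeeds, refuses to overwrite an existing output file, and creates the decrypted dump under umask 077. The function name decrypt_dump, the CRYPTO_UTIL override variable, and the assumption that crypto-util exits non-zero on failure are not from the original page.

```sh
#!/bin/sh
# Added example, not VMware code: wraps the documented describe and extract steps.
# Assumption: crypto-util exits non-zero when describe or extract fails.
# CRYPTO_UTIL and decrypt_dump are names made up for this example.
CRYPTO_UTIL="${CRYPTO_UTIL:-crypto-util}"

# Usage: decrypt_dump monitor|zdump <encrypted-file> <output-file>
decrypt_dump() {
    kind=$1; src=$2; dst=$3
    # zdump files need --offset 4096; monitor core dumps take no offset.
    case "$kind" in
        monitor) set -- ;;
        zdump)   set -- --offset 4096 ;;
        *) echo "unknown dump type: $kind" >&2; return 2 ;;
    esac
    if [ ! -r "$src" ]; then
        echo "cannot read $src" >&2; return 2
    fi
    # Never clobber an existing file with decrypted data.
    if [ -e "$dst" ]; then
        echo "refusing to overwrite $dst" >&2; return 2
    fi
    # Step 2: run describe first and stop if it fails.
    if ! "$CRYPTO_UTIL" envelope describe "$@" "$src"; then
        echo "$src: describe failed, not extracting" >&2; return 1
    fi
    # Step 3: extract in a subshell with umask 077 so the plaintext dump
    # is created readable by its owner only.
    if ! ( umask 077; "$CRYPTO_UTIL" envelope extract "$@" "$src" "$dst" ); then
        rm -f "$dst"   # drop any partial plaintext left behind
        echo "$src: extract failed" >&2; return 1
    fi
}
```

Remove the decrypted file once analysis is finished, since it holds the same sensitive data the encryption was protecting.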