The remote plug-in sample has an embedded application server with a self-signed certificate that is used for encrypted communications. The certificate and its thumbprint are stored in a Java keystore file.
To register a remote plug-in with vCenter Server, you need to determine the thumbprint of the plug-in application server, or save its security certificate, which you then use in arguments to the registration command.
Procedure
- Connect a browser to the application server, for example using the URL of the plug-in manifest.
The default URL for the manifest file is https://localhost:8443/sample-ui/plugin.json
.
- Examine the certificate presented by the application server.
This step depends on the browser. In Firefox for example, you click the padlock icon next to the URL, then select Connection secure > More information > View Certificate. The thumbprint is the field labelled SHA-256 and the certificate can be downloaded by the PEM (cert) link.
Note:
A SHA-1 fingerprint is also supported, but SHA-1 is deprecated in favor of SHA-256.
- Save the thumbprint in a text file, or save the PEM certificate in a file with .cer suffix.
vCenter Server expects the thumbprint (fingerprint) to contain colon-separated character pairs. As of vSphere 8.0 U3, the registration script changes unseparated or space-separated character pairs into the expected format.
What to do next
Use the application server thumbprint or PEM certificate when you register the plug-in with vCenter Server.