July 4, 2025

USEFUL-IT

A blog for USEFUL-IT information

[PS] How to validate VMware ESX Certificates

The connection between vCenter and the ESX host is established and maintained by certificates.

As an administrator, you want to know when your certificates expire.

So I wrote a small function that retrieves the certificate used by each host connected to your vCenter.

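Function Get-ESXHostCertificateInfo {
    [CmdletBinding()]
    param (
        [Parameter(Mandatory=$true)]
        [VMware.Vim.HostSystem]$HostData
    )

    # Config.Certificate holds the host's SSL certificate as a byte array.
    # Use the constructor: X509Certificate2.Import() is not supported on PowerShell 7 (.NET Core and later).
    $Certificate = [System.Security.Cryptography.X509Certificates.X509Certificate2]::new([byte[]]$HostData.Config.Certificate)

    # Carry the host name along so each certificate can be matched to its host
    # (setting FriendlyName is supported on Windows only).
    $Certificate.FriendlyName = $HostData.Name

    # Emit the certificate object to the pipeline.
    $Certificate
}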

The input for this function is a [VMware.Vim.HostSystem] object, which is generated with the standard VMware command:

Get-View -ViewType HostSystem -Server <vCenterServer>

Once the function is loaded, you can use the following small script to get the data out of your vCenter or vCenters.

$vCenters = @('vCenter1','vCenter2')
[pscredential]$Cred = Get-Credential

Connect-VIServer -Server $vCenters -Credential $Cred

# Retrieve only the properties the function needs
$ESXhosts = Get-View -ViewType HostSystem -Property Name,Config.Certificate
$data = $ESXhosts | ForEach-Object {
    Write-Verbose "Processing $($_.Name)" -Verbose
    Get-ESXHostCertificateInfo $_
} | Select-Object FriendlyName, Thumbprint, NotAfter

In my lab this generates the following output:

FriendlyName           Thumbprint                               NotAfter           
------------           ----------                               --------           
esxi65-03.usefullab.nl EE63C6F70B193813454881377F76D23AFCCCD14E 11/08/2023 12:11:42
esxi65-02.usefullab.nl E136C5D12CC38E2D6C97E6D044F46DA0EC03A332 11/08/2023 15:32:22
esxi65-04.usefullab.nl 04C3011BE2DD409190B3A483951E6E40B19FCFF6 24/08/2023 11:54:37
esxi65-01.usefullab.nl 75059A809EA27EF0F7C91C7F6CD297D886D952E0 09/08/2023 05:46:00
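
To turn a listing like the one above into an expiry check, the rows can be classified by the days left until NotAfter. The following is an added example, not part of the original post: the function name Get-CertificateExpiryStatus, the 60/14-day thresholds, and the sample rows with placeholder thumbprints are assumptions made for illustration.

```powershell
# Added example: classify host certificates by the days left until NotAfter.
function Get-CertificateExpiryStatus {
    [CmdletBinding()]
    param (
        # Any object with FriendlyName, Thumbprint and NotAfter (e.g. the rows in $data)
        [Parameter(Mandatory = $true, ValueFromPipeline = $true)]
        [psobject]$Certificate,
        [int]$WarningDays = 60,      # assumed threshold, adjust to your renewal process
        [int]$CriticalDays = 14,     # assumed threshold
        [datetime]$Now = (Get-Date)  # reference time, overridable for reproducible runs
    )
    begin {
        if ($CriticalDays -ge $WarningDays) {
            throw "CriticalDays ($CriticalDays) must be smaller than WarningDays ($WarningDays)."
        }
    }
    process {
        # Whole days remaining; negative once the certificate has expired
        $daysLeft = [int][math]::Floor(($Certificate.NotAfter - $Now).TotalDays)
        $status = switch ($daysLeft) {
            { $_ -lt 0 }             { 'Expired';  break }
            { $_ -le $CriticalDays } { 'Critical'; break }
            { $_ -le $WarningDays }  { 'Warning';  break }
            default                  { 'OK' }
        }
        [pscustomobject]@{
            Host       = $Certificate.FriendlyName
            Thumbprint = $Certificate.Thumbprint
            NotAfter   = $Certificate.NotAfter
            DaysLeft   = $daysLeft
            Status     = $status
        }
    }
}

# Constructed sample rows (placeholder thumbprints) in the shape of the output above
$now = [datetime]'2025-07-04'
$sample = @(
    [pscustomobject]@{ FriendlyName = 'esx-a.example.test'; Thumbprint = 'PLACEHOLDER-A'; NotAfter = $now.AddDays(-3) }
    [pscustomobject]@{ FriendlyName = 'esx-b.example.test'; Thumbprint = 'PLACEHOLDER-B'; NotAfter = $now.AddDays(6) }
    [pscustomobject]@{ FriendlyName = 'esx-c.example.test'; Thumbprint = 'PLACEHOLDER-C'; NotAfter = $now.AddDays(47) }
    [pscustomobject]@{ FriendlyName = 'esx-d.example.test'; Thumbprint = 'PLACEHOLDER-D'; NotAfter = $now.AddDays(362) }
)
$sample | Get-CertificateExpiryStatus -Now $now | Sort-Object DaysLeft | Format-Table -AutoSize
```

With real data, pipe $data from the script above into the function instead of $sample and omit -Now; X509Certificate2 reports NotAfter in local time, which matches Get-Date.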
