dlinsley · September 19, 2017 21:20
diff --git a/replaceCertEmbedPSC_vROguestScriptManager_1.js b/replaceCertEmbedPSC_vROguestScriptManager_1.js
 //Scriptable Tasks Inputs:
 //
 //
 //Scriptable Tasks Outputs:
 //
 // script - String - script to execute with guest script manager

 script = "/usr/lib/vmware-vmafd/bin/vecs-cli entry getcert --store MACHINE_SSL_CERT --alias __MACHINE_CERT --output /usr/lib/vmware-vmafd/bin/original.crt\n";
 script += "/usr/bin/openssl x509 -in /usr/lib/vmware-vmafd/bin/original.crt -noout -sha1 -fingerprint | /usr/bin/cut -d= -f 2";
diff --git a/replaceCertEmbedPSC_vROguestScriptManager_2.js b/replaceCertEmbedPSC_vROguestScriptManager_2.js
 //Scriptable Tasks Inputs:
 //
 // cert               - String - PEM encoded new certificate
 // key                - String - PEM encoded private key of new Certificate
 // intermediary1      - String - PEM encoded intermediary certificate
 // intermediary2      - String - PEM encoded intermediary certificate (if more than one is required)
 // originalThumbprint - String - SHA1 thumbprint of the existing machine certificate
 // password           - SecureString - password of SSO admin user: [email protected]
 //
 //Scriptable Tasks Outputs:
 //
 // script - String - script to execute with guest script manager


 script = "echo '"+cert+"' > /usr/lib/vmware-vmafd/bin/newcert\n";
 script += "echo '"+key+"' > /usr/lib/vmware-vmafd/bin/newkey\n";
 script += "echo '"+intermediary1+"' > /usr/lib/vmware-vmafd/bin/intermediatecert\n";
 script += "echo '"+intermediary2+"' >> /usr/lib/vmware-vmafd/bin/intermediatecert\n";

 script += "/usr/lib/vmware-vmafd/bin/dir-cli trustedcert publish --chain --cert /usr/lib/vmware-vmafd/bin/intermediatecert --login [email protected] --password '"+password+"'\n";
 script += "/usr/lib/vmware-vmafd/bin/vecs-cli force-refresh\n";

 script += "/usr/lib/vmware-vmafd/bin/vecs-cli entry delete --store MACHINE_SSL_CERT --alias __MACHINE_CERT -y\n";
 script += "/usr/lib/vmware-vmafd/bin/vecs-cli entry create --store MACHINE_SSL_CERT --alias __MACHINE_CERT --cert /usr/lib/vmware-vmafd/bin/newcert --key /usr/lib/vmware-vmafd/bin/newkey\n";
 script += "VMWARE_JAVA_HOME=/usr/java/jre-vmware VMWARE_CFG_DIR=/etc/vmware /usr/lib/vmidentity/tools/scripts/ls_update_certs.py --url https://localhost/lookupservice/sdk --fingerprint "+originalThumbprint+" --certfile /usr/lib/vmware-vmafd/bin/newcert --user [email protected] --password '"+password+"'\n";
	//Scriptable Tasks Inputs:
	//
	//
	//Scriptable Tasks Outputs:
	//
	// script - String - script to execute with guest script manager

	script = "/usr/lib/vmware-vmafd/bin/vecs-cli entry getcert --store MACHINE_SSL_CERT --alias __MACHINE_CERT --output /usr/lib/vmware-vmafd/bin/original.crt\n";
	script += "/usr/bin/openssl x509 -in /usr/lib/vmware-vmafd/bin/original.crt -noout -sha1 -fingerprint \| /usr/bin/cut -d= -f 2";
	//Scriptable Tasks Inputs:
	//
	// cert - String - PEM encoded new certificate
	// key - String - PEM encoded private key of new Certificate
	// intermediary1 - String - PEM encoded intermediary certificate
	// intermediary2 - String - PEM encoded intermediary certificate (if more than one is required)
	// originalThumbprint - String - SHA1 thumbprint of the existing machine certificate
	// password - SecureString - password of SSO admin user: [email protected]
	//
	//Scriptable Tasks Outputs:
	//
	// script - String - script to execute with guest script manager


	script = "echo '"+cert+"' > /usr/lib/vmware-vmafd/bin/newcert\n";
	script += "echo '"+key+"' > /usr/lib/vmware-vmafd/bin/newkey\n";
	script += "echo '"+intermediary1+"' > /usr/lib/vmware-vmafd/bin/intermediatecert\n";
	script += "echo '"+intermediary2+"' >> /usr/lib/vmware-vmafd/bin/intermediatecert\n";

	script += "/usr/lib/vmware-vmafd/bin/dir-cli trustedcert publish --chain --cert /usr/lib/vmware-vmafd/bin/intermediatecert --login [email protected] --password '"+password+"'\n";
	script += "/usr/lib/vmware-vmafd/bin/vecs-cli force-refresh\n";

	script += "/usr/lib/vmware-vmafd/bin/vecs-cli entry delete --store MACHINE_SSL_CERT --alias __MACHINE_CERT -y\n";
	script += "/usr/lib/vmware-vmafd/bin/vecs-cli entry create --store MACHINE_SSL_CERT --alias __MACHINE_CERT --cert /usr/lib/vmware-vmafd/bin/newcert --key /usr/lib/vmware-vmafd/bin/newkey\n";
	script += "VMWARE_JAVA_HOME=/usr/java/jre-vmware VMWARE_CFG_DIR=/etc/vmware /usr/lib/vmidentity/tools/scripts/ls_update_certs.py --url https://localhost/lookupservice/sdk --fingerprint "+originalThumbprint+" --certfile /usr/lib/vmware-vmafd/bin/newcert --user [email protected] --password '"+password+"'\n";