Replacing default issued SSL certificates for components in the VMware stack with those from a CA is a massive area of pain but has become absolutely necessary from a security perspective. Moreover, as recent events such as the SSL Heartbleed incident have shown, it is not enough to just replace the default certificates; these need to be monitored for unexpected revocations as well as scheduled expiry and a process needs to be in place to fully automate the monitoring and replacement process.
Presenting vCert Manager from VSS Labs.
vCert Manager ™ provides fully automated management of SSL Certificates in a VMware environment across the entire lifecycle. It is a single pane of glass solution for creating, managing and applying custom SSL certificates for VMware components, including the creation of certificate signing requests, applying to various different Certificate Authorities, and upon issuance of the certificate, automatically applying it to the particular VMware component. vCert Manager ™ further monitors the environment for expiring and revoked certificates and offers fully automated replacement based on customer policies.