Importing vCloud Air SSL Certificate on the vCenter Server Appliance 5.x

I’m playing around a bit with vCloud Air and Virtual Private Cloud OnDemand, and in order to set up the vCloud Hybrid Service plugin in the vSphere Web Client you need to import the vCloud Air SSL certificate into vCenter. If the certificate isn’t present in the vCSA keystore when you try to authenticate with vCloud Air, you get a “Server Certificate not Verified” error, and you will be unsuccessful in configuring the plugin.

The Using the vCloud Hybrid Service vSphere Client Plug-in document outlines how this can be accomplished, but it’s based on downloading the SSL certificate via a browser and then importing it into the vCenter Keystore. Since I mostly run the vCenter Server Appliance, I didn’t want to bother with downloading it from one of my desktops, and copying the files over to the vCSA for import.

I mean, there has to be a better way to do that, via the command line, right? Indeed there is, this little one-liner downloads and formats the certificate from to /tmp on the vCSA, and then proceeds to import it into the keystore.


echo -n | openssl s_client -connect | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /tmp/vchs.cer && /usr/java/jre-vmware/bin/keytool -alias vchs -v -keystore /usr/lib/vmware-vsphere-client/server/configuration/keystore -storepass changeit -import -file /tmp/vchs.cer

All you have to to is press ‘y’ to confirm the import:

Trust this certificate? [no]: y
Certificate was added to keystore
[Storing /usr/lib/vmware-vsphere-client/server/configuration/keystore]
vcenter:/tmp #

And there it is, you can now add your vCloud Air credentials via the vSphere Web Client, without having to copy any files from your browser/desktop to the vCSA.

Nerdgasm: Combining Todoist and Evernote, because awesome

A while back I declared Evernote bankruptcy, even if I managed to misspell it while doing so:

  The thing is, I really want to use Evernote in a proper and organised manner. The problem is; I was completely unable to do so, mostly since I had no clear idea on the how, the when and the why back when I started using it many moons ago. In the end, all I had was a lot of unorganised notes, with no clear idea or taxonomy. So, to get myself out of the mess I had made, I decided to delete all my notebooks, and stacks, and move every single note I had into a new @graveyard notebook. I then decided on a new top-level notebook hierarchy that I wanted to make general enough to fit most notes into, but still keep it reasonably structured. For now, I’ve decided on the following structure (I’ve excluded a couple here, but you get the gist):

  • @Graveyard
  • @Inbox
  • @To-Do
  • @To-Blog
  • Personal
  • Professional
  • Clippings


  So far this works really well, and it’s easy to find a fitting notebook to place new notes in. I have yet to really do the required cleanup of tags to also make sure that I’m consistently using a sensible taxonomy, but I’m getting there slowly. For more tips on how you can organize Evernote, check out Matt Brenders The Non-obvious Guide to Evernote Awesomeness. I clearly need to have a closer look to the suggestions Matt has about using tags! I realize that the title of this post has nothing to do with how I managed to get control over my Evernote content again, but rather how I use it in conjunction with Todoist. So here it is; As with most other popular online services, both Todoist and Evernote integrate with IFTTT.  I’ve set up a recipe that automatically creates a new note in my @To-Do notebook when a new task is added in Todoist: IFTTT Recipe: Create To-Do note in Evernote from tasks in Todoist connects todoist to evernote

Pre-formatted notes like this makes it easy to fill out detailed information for the task in Evernote, without cluttering the Todoist tasks with information that is better stored and indexed in Evernote.

The pre-formatted notes looks like this:

Evernote 2014-12-03 17-34-14


In addition to this, I’ve created a saved search in Evernote called “Daily Review (any:any: created:day updated:day)” that shows me all notes that has been updated the same day, to give me a quick overview. Not quite GTD, but better than total anarchy and disarray.

I also have IFTTT recipes for putting the tweets I favorite into Evernote, so I reference and move the ones I want to inspect further into either @To-Read or @To-Learn.

So far, so good. At least there is some level of organization to my Evernote madness now, and that has to be a good thing.

Featured Photo by Zeusandhera

EVO:RAIL: Doing the methmath.

Howard Marks has published a post I’ve been meaning do myself, but to be honest, I’m glad Howard put it out there. His is way more researched and comprehensive than mine would ever have been.

In his The True Cost Of Hyperconvergence article, Howard compares buying a new EVO:RAIL system, with building your own. Complete with the required hardware, licenses and support contracts. The result might come as a surprise to some…

One question Howard doesn’t ask though is this;
What happens to the bundled VMware licenses after the initial three years? The initial cost of the EVO:RAIL includes 3 years SnS, but what happens in year 4? I guess you can buy more years of support, and extend the period easily, but I have not verified this in any way.

But this opens up for another question;
What happens when you replace your EVO:RAIL after 3, 4 or 5 years? Do you have to buy a new one, complete with new licenses, even if you have paid SnS for the entire period, and what happens to the bundled VMware licenses when you replace your EVO:RAIL?

As far as I can see, the licenses follow the hardware (think Microsoft OEM licensing here), so if you decide to replace it, you have to acquire new licenses for your new hardware. At least Microsoft offers OEM licenses at a discount.

So it seems that not only do you not get discounted VMware licenses when you purchase an EVO:RAIL, you also don’t get to keep the licenses if you ever replace the hardware.

Don’t get me wrong here, I love the EVO:RAIL concept and I had really high hopes for it, but sadly I feel that VMware has missed the mark here with quite some margin. In my opinion this could have made real ripples in a lot of datacenters, and helped smaller businesses “get with the SDDC program”, but with it’s current price point and licensing issues, I just don’t see it happening.

As a concept it’s really solid. As a physical form factor, it’s brilliant. As a quick delivery method for quite complex software, it’s amazing. Sadly all of this comes at a premium, a premium I’m unsure if the market is really willing to pay, at least not in it’s current iteration.