Update vCenter-SSL.ps1

2025-11-15 19:56:59 -06:00
parent 6bc7835728
commit c478f4d8b5


@@ -1,6 +1,6 @@
#!/usr/bin/env pwsh #!/usr/bin/env pwsh
# ----------------------------------------------------------------------------------- # -----------------------------------------------------------------------------------
# vCenter + Posh-ACME Script using PowerCLI (TLS-safe, ACME fixed) # vCenter + Posh-ACME Script using PowerCLI (Final Corrected)
# ----------------------------------------------------------------------------------- # -----------------------------------------------------------------------------------
. /opt/idssys/nodemgmt/conf/powerwall/settings.ps1 . /opt/idssys/nodemgmt/conf/powerwall/settings.ps1
@@ -37,9 +37,7 @@ if (-not (Get-Module -ListAvailable -Name VMware.PowerCLI)) {
} }
Import-Module VMware.PowerCLI -ErrorAction Stop Import-Module VMware.PowerCLI -ErrorAction Stop
# ----------------------------
# Ignore self-signed cert warnings # Ignore self-signed cert warnings
# ----------------------------
Set-PowerCLIConfiguration -InvalidCertificateAction Ignore -Confirm:$false | Out-Null Set-PowerCLIConfiguration -InvalidCertificateAction Ignore -Confirm:$false | Out-Null
# ---------------------------- # ----------------------------
@@ -75,9 +73,16 @@ Import-Module Posh-ACME -ErrorAction Stop
# ---------------------------- # ----------------------------
# ACME / PowerDNS certificate request # ACME / PowerDNS certificate request
# ---------------------------- # ----------------------------
# Ensure API key is plain string (Posh-ACME PowerDNS plugin requires string)
if ($PDNSAPI -is [System.Security.SecureString]) {
$PDNSAPI = [Runtime.InteropServices.Marshal]::PtrToStringAuto(
[Runtime.InteropServices.Marshal]::SecureStringToBSTR($PDNSAPI)
)
}
$pArgs = @{ $pArgs = @{
PowerDNSApiHost = $WDNSHOST PowerDNSApiHost = $WDNSHOST
PowerDNSApiKey = $PDNSAPI # Plain string, do NOT convert to SecureString PowerDNSApiKey = $PDNSAPI
PowerDNSUseTLS = $true PowerDNSUseTLS = $true
PowerDNSPort = 443 PowerDNSPort = 443
PowerDNSServerName = 'localhost' PowerDNSServerName = 'localhost'
@@ -113,7 +118,7 @@ if ($certSuccess) {
} }
# ---------------------------- # ----------------------------
# Upload and apply certificate via REST (PowerCLI session) # Upload and apply certificate via REST
# ---------------------------- # ----------------------------
if ($certSuccess) { if ($certSuccess) {
try { try {
@@ -143,12 +148,12 @@ if ($certSuccess) {
} }
# ---------------------------- # ----------------------------
# Restart vpxd service via PowerCLI (safe) # Restart vpxd service via REST (safe for vCenter appliance)
# ---------------------------- # ----------------------------
try { try {
Write-Host "Restarting vpxd service..." -ForegroundColor Yellow Write-Host "Restarting vpxd service via REST..." -ForegroundColor Yellow
$service = Get-VMHostService -VMHost $VCENTERHOST | Where-Object { $_.Key -eq "vpxd" } $uriRestart = "https://$VCENTERHOST/rest/appliance/system/services/vpxd?action=restart"
if ($service) { Restart-VMHostService -HostService $service -Confirm:$false } Invoke-RestMethod -Uri $uriRestart -Method Post -Headers $sessionHeaders -SkipCertificateCheck
Write-Host "vpxd service restart requested." -ForegroundColor Yellow Write-Host "vpxd service restart requested." -ForegroundColor Yellow
} catch { } catch {
Write-Host "Failed to restart vpxd service: $($_.Exception.Message)" -ForegroundColor Yellow Write-Host "Failed to restart vpxd service: $($_.Exception.Message)" -ForegroundColor Yellow
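Review bot: In the `@@ -75,9 +73,16 @@` hunk the added unwrap calls `PtrToStringAuto` on a BSTR and never frees it, which is both a likely truncation bug and a plaintext copy of the API key left in unmanaged memory. The `#!/usr/bin/env pwsh` shebang and the `/opt/...` settings path suggest a non-Windows host, where `PtrToStringAuto` decodes as UTF-8 rather than UTF-16 and would be expected to stop after the first character of the key; `PtrToStringBSTR` is encoding-correct on every platform, and `ZeroFreeBSTR` in a `finally` wipes the buffer. It is also worth confirming the declared type of `PowerDNSApiKey` in the installed Posh-ACME plugin before unwrapping at all, since the "requires string" comment cannot be verified from this diff. Separately, the `Invoke-RestMethod` call added in the last hunk passes `-SkipCertificateCheck` while sending `$sessionHeaders` (defined outside the visible hunks), so the session token travels over an unauthenticated TLS channel; drop the switch once the appliance presents the new certificate, or add a comment explaining why it must stay.

```powershell
if ($PDNSAPI -is [System.Security.SecureString]) {
    $bstr = [Runtime.InteropServices.Marshal]::SecureStringToBSTR($PDNSAPI)
    try {
        # BSTR is always UTF-16; PtrToStringBSTR decodes it correctly on Windows and Unix.
        $PDNSAPI = [Runtime.InteropServices.Marshal]::PtrToStringBSTR($bstr)
    } finally {
        # Zero and release the unmanaged plaintext copy even if decoding throws.
        [Runtime.InteropServices.Marshal]::ZeroFreeBSTR($bstr)
    }
}
# … unchanged: $pArgs hashtable …
```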