Find the SSL Thumbprint of the Remote Plug-in Server

The remote plug-in sample has an embedded application server with a self-signed certificate that is used in encrypted communications. The certificate and its thumbprint are stored in a Java keystore file.

To register a remote plug-in with vCenter Server you need to determine the thumbprint of the plug-in application server's identity certificate. You use this thumbprint in the arguments to the registration command.

Prerequisites

  • Start the server.

  • Find the server's port number. The default port number is 8443. You can configure a different port number in the application.properties file.

Procedure

  1. Connect a browser to the application server, for example, using the URL of the plug-in manifest.

    The default URL for the manifest file is https://localhost:8443/sample-ui/plugin.json.

  2. Examine the certificate presented by the application server.

    The way to examine the certificate depends on the browser. For example, you can view a server certificate in Firefox by clicking the padlock icon next to the URL, then selecting More Information > View Certificate. The thumbprint is the field labelled SHA-256 Fingerprint.

    Note:

    A SHA-1 fingerprint is also supported, but SHA-1 is deprecated in favor of SHA-256.

  3. Save the certificate thumbprint to a text file.

    If the thumbprint contains colon separators, do not remove them. If the thumbprint contains spaces or other separators, replace them with colons. If the thumbprint has no separators, insert a colon after every two digits. This is the format accepted by vCenter Server when you register the plug-in server.

What to do next

Use the application server thumbprint when you register the plug-in with vCenter Server.