Server has a weak ephemeral Diffie-Hellman public key vRealize Orchestrator Script

So our friends in the browser world decided what length of encryption keys are no longer secure.  In this case it effects Chrome and Firefox.  vRo has the ability to not present the insecure keys but the current version out of the box does not do this.   I know a lot of VMware administrators come from the Windows side of the house and are uncomfortable with linux command line.   Since I came from Linux I figured I would provide a script to resolve this issue.   It really does not do anything that is not already provided in the VMware KB.  It does help you avoid using VI which I know is the bane of most Windows admins.

So here is how to use it:

  1. Login to your VCO server with putty (login as root)
  2. Login to your VCO server with WINSCP (login as root)
  3. Copy the script provided into the base directory with WINSCP
  4. Switch to your putty session and type
  5. mv change_key.sh.txt change_key.sh
  6. chmod 755 change_key.sh
  7. Then type exactly
./change_key.sh

Wait for it to complete and you are done.   You can also just run the commands in the script manually.   I hope it helps a little.

change_key.sh

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.