A very quick post this one, but an annoying thing I often see left unchecked in environments, that is simple to fix in a minute. Yes, this is an old topic, but it’s still too evident today….
This should be in your “just do it” category.
It’s the awful Certificate warning displayed in your Powershell session when you connect to a vCenter server (or direct to a ESXi host) that hasn’t had the default SSL certs replaced.
For whatever reason (I don’t judge) it can be a PITA for busy admins to bother sorting and replacing the SSL certs, or perhaps they are “CLI-shy” and just don’t see it.
It’s the PowerCLI equivalent of this; (which is almost always is installed/ignored)
For me though, if you can’t fix it, you should at least SUPPRESS it and not fill that session up with yellow clutter and delay your script connection times.
The setting to change this is stored in the PowerCLIConfiguration context and current settings can be displayed using;
|
1 |
Get-PowerCLIConfiguration |
Not a whole lot there, but we can see the “InvalidCertificateAction” is unset.
So let’s set it to ignore;
|
1 |
Set-PowerCLIConfiguration -InvalidCertificateAction ignore -confirm:$false |
Done. Easy. Gone !
No yellow clutter. Happy days…. Now go do something interesting 😉
Good article
stupid windows 10!! execute cli as administrator…
DavidE – Doh! How could I forget that. Thanks!
Running this command in PowerShell (as admin) and getting the error: Get-PowerCLIConfiguration: The term ‘Get-PowerCLIConfiguration’ is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name or if a path was included, verify that the path is correct and trya gain. At line:1 char:1 +Get-PowerCLIConfiguration – etc, etc ,etc…
Make sure you have loaded the PowerCLi modules into PowerShell;
Add-PSSnapin VMware.VimAutomation.Core
Thanks for taking the time to make the post. I couldn’t find anything on how to use the -confirm option. i am not too PS literate and your example with -confirm:$false proves to be very useful reducing clutter.
Thanks this worked beautifully for me.
I have a script that Could not establish trust relationship for the SSL/TLS secure channel. After a little research I discovered it was due to the Self Signed Cert. In your opinion Would supressing the warning have the my script ignore it?
Thanks –
This did the trick for me.. Thank you for taking time to post the solution. BTW, I am running on CentOS7.3
Thanks !
thanks! been looking for this 🙂
WOW !! Easy to do.
Good stuff. I also disable the customer experience participation stuff (similar yellow text) with this one liner:
Set-PowerCLIConfiguration -Scope User -ParticipateInCEIP $false