In vCAC 6, the Linux guest agent needs to use SSL to communicate with the vCAC Iaas Windows Server. This requires that a valid PEM file is present in the /usr/share/gugent director after you have installed the Linux guest agent RPM and before you run instalgugent.sh
The common problem you will see in vCAC is the deployment failed after the request is stuck in customizeOS state for a long period of time.
The problem is that some versions of Linux may have different releases of OpenSSL which can pull the SSL certificate from vCAC improperly resulting in an empty PEM file.
In this post I will show you the fool proof way to make sure the cert is properly installed on your Linux tempate.
First off, open firefox to your FQDN of your vCAC IaaS box and login as your cloud admin for example https://vcac-w8-01a.corp.local
Click the Lock and then click more information
Now click View Certificate
On the next screen click the Details tab, then click export
Now click Export and save the file to your desktop, make sure to save as cert and type X.509 Certificate (PEM)
Now use WinSCP to copy the cert.crt file to your Linux template to the /usr/share/gugent directory
Now SSH into your Linux template and change director to /usr/share/gugent directory
Now run the command openssl x509 -in mycert.crt -out mycert.pem -outform PEM
openssl x509 -in cert.crt -out cert.pem -outform PEM
Shutdown your Linux template and configure your blueprint in vCAC to use it. NOTE: If you are using linked clones you will need to create a new snapshot, run an inventory scan in vCAC and also repoint the blueprint to the new snapshot.
Be sure to re-tweet if this was helpful!