vSphere Client Plug-in Registration Tool
The vSphere Client SDK contains a
plug-in registration tool that manages plug-in extension registration records in the vCenter
Server ExtensionManager. The tool registers, unregisters, and updates the registration record of
a plug-in.
Plug-in Registration Script
To register a plug-in, use this registration script
in the SDK. It's a wrapper for a Java tool, which opens a session with a vCenter Server
instance using the VMware Web Services API.
tools/vCenter plugin registration/prebuilt/extension-registration.sh
Plug-in Registration Script Syntax
The arguments of the registration script function as follows:
- -action(required) can be one of:
- registerPlugin
- updatePlugin
- unregisterPlugin
- isPluginRegistered
- -cor-companyis the name of the plug-in vendor.
- -insecurebypasses security checks on the vCenter Server certificate. This is not recommended for a production environment.
- -kor-key(required) is an identification string for the plug-in. The plug-in registration record in the vCenter Server ExtensionManager contains this identification.
- -local(default) is used to register or update a local plug-in. See also-remote.
- -nor-nameis a user-friendly identification string for the plug-in.
- -por-password(required) authenticates the vCenter Server user account. See also-username.
- -psor-pluginServersis a string that contains a JSON array of objects that specify endpoints for auxiliary services belonging to the plug-in. Each endpoint object must contain aurlproperty to enable connections to the endpoint. The scheme must specify HTTP or HTTPS as the protocol. To support HTTPS connections to an endpoint, at least one of the fieldsserverThumbprintorserverCertificateFilemust be set in the endpoint object. HTTP connections are not recommended for production use with the vSphere Client. Thetypeproperty, required for auxiliary servers, is a service registration identifier string by which the plug-in front end can discover a needed endpoint.Choice and optional properties that can also be present in the object are:
- serverThumbprintis the thumbprint (fingerprint) of the auxiliary server's SSL certificate. See constraints for the-stargument below.
- serverCertificateFileis the path of the auxiliary server's SSL certificate on the local filesystem. See constraints for the-scfargument below. The certificate of the auxiliary server must contain the host name specified according to subjectAltName extension (RFC 2818, Section 3.1 Server Identity).
- label(not currently used)
- summaryis a brief description of the auxiliary server.
- companyis the name of the plug-in server vendor.
- adminEmail
- -puor-pluginUrl(required to register a plug-in) is the URL of the plug-in manifest served by the plug-in back end. The scheme must specify HTTP or HTTPS as the protocol. The path segment of the-pluginUrlmust be specified relative to the directory where you run the plug-in server. **
- -remote(required for a remote plug-in) is used to register or update a remote plug-in. See also-local.
- -sor-summaryis a brief description of the plug-in.
- -showor-showInSolutionManagerspecifies that the plug-in will appear in the Solutions list of the Administration panel.
- -stor-serverThumbprintis the SHA-256 signature of the plug-in back-end server certificate. Character pairs should be separated by colon separators.
- -scfor-serverCertificateFileis the path on the local filesystem of the plug-in manifest server's SSL certificate file, in PEM or DER format. The certificate of a plug-in server record must contain the host name of the plug-in server in itssubjectAltNameextension as per RFC 2818, Section 3.1 Server Identity.
- -uor-username(required) identifies a vCenter Server user account that has permission to write to the vCenter Server ExtensionManager. See also-password.
- -url(required) is the URL of the/sdkresource of the vCenter Server. Use the fully qualified domain name of the vCenter Server instance. For example:https://my-vcsa.example.com/sdk
- -vor-version(required) identifies the plug-in version.
- -vctor--vcenterServerThumbprintsupplies the certificate thumbprint for the vCenter Server instance. You can use this in development environments when the certificate is self-signed or otherwise not recognized by the browser.
- -eventList- path to the event list JSON file, relative to the file system root of the manifest server. The file should contain a JSON formatted array of event infos. Each object in the array must specify theeventIdof the event. In addition, an optional XML descriptor for theEventTypecan be specified.
- -faultList- path to the fault list JSON file, relative to the file system root of the manifest server. The file should contain a JSON formatted array of fault infos. Each object in the array must specify thefaultIdof the fault.
- -privilegeList- path to the privilege list JSON file, relative to the file system root of the manifest server. The file should contain a JSON formatted array of privilege group objects. Each object in the array must specify thegroupIdof the privilege group and the privileges in that group. Each object in theprivilegesarray must specify anprivilegeIdof the privilege.
- -resourceList- path to the resource list JSON file, relative to the file system root of the manifest server. The file should contain a JSON formatted object, where the keys are locales (for example 'en', 'fr', 'de' ..) and the values are objects with a key to be localized and the value is the localizable message.
- -taskList- path to the tasks list JSON file, relative to the file system root of the manifest server. The file should contain a JSON formatted array of task infos. Each object in the array must specify thetaskIdof the task.
** To support HTTPS connections to the plug-in
manifest server, at least one of the fields
serverThumbprint
or
serverCertificateFile
must be set in the endpoint object. Insecure HTTP
connections are not recommended for production use with the vSphere Client.When registering a plug-in, it's highly
recommended to provide SSL certificates of the plug-in servers in addition to the
thumbprints of the SSL certificates of the plug-in servers. Performing a full SSL
certificate check during SSL handshake is more secure than performing an SSL certificate
thumbprint check. Furthermore, in future vSphere releases, support for SSL certificate
thumbprints will be dropped and full SSL certificates will be required.