VMware vSphere SDKs and Tools 8.0

8.0 7.0 6.7 6.5

vSphere Client Plug-in Registration Tool

The vSphere Client SDK contains a plug-in registration tool that manages plug-in extension registration records in the vCenter Server ExtensionManager. The tool registers, unregisters, and updates the registration record of a plug-in.

Plug-in Registration Script

To register a plug-in, use this registration script in the SDK. It's a wrapper for a Java tool, which opens a session with a vCenter Server instance using the VMware Web Services API.
tools/vCenter plugin registration/prebuilt/extension-registration.sh

Plug-in Registration Script Syntax

The arguments of the registration script function as follows:
  • -action
     (required) can be one of:
    • registerPlugin
    • updatePlugin
    • unregisterPlugin
    • isPluginRegistered
  • -c
     or
    -company
     is the name of the plug-in vendor.
  • -insecure
     bypasses security checks on the vCenter Server certificate. This is not recommended for a production environment.
  • -k
     or
    -key
     (required) is an identification string for the plug-in. The plug-in registration record in the vCenter Server ExtensionManager contains this identification.
  • -local
     (default) is used to register or update a local plug-in. See also
    -remote
    .
  • -n
     or
    -name
     is a user-friendly identification string for the plug-in.
  • -p
     or
    -password
     (required) authenticates the vCenter Server user account. See also
    -username
    .
  • -ps
     or
    -pluginServers
     is a string that contains a JSON array of objects that specify endpoints for auxiliary services belonging to the plug-in. Each endpoint object must contain a
    url
     property to enable connections to the endpoint. The scheme must specify HTTP or HTTPS as the protocol. To support HTTPS connections to an endpoint, at least one of the fields
    serverThumbprint
     or
    serverCertificateFile
     must be set in the endpoint object. HTTP connections are not recommended for production use with the vSphere Client. The
    type
     property, required for auxiliary servers, is a service registration identifier string by which the plug-in front end can discover a needed endpoint.
    Choice and optional properties that can also be present in the object are:
    • serverThumbprint
       is the thumbprint (fingerprint) of the auxiliary server's SSL certificate. See constraints for the
      -st
       argument below.
    • serverCertificateFile
       is the path of the auxiliary server's SSL certificate on the local filesystem. See constraints for the
      -scf
       argument below. The certificate of the auxiliary server must contain the host name specified according to subjectAltName extension (RFC 2818, Section 3.1 Server Identity).
    • label
       (not currently used)
    • summary
       is a brief description of the auxiliary server.
    • company
       is the name of the plug-in server vendor.
    • adminEmail
  • -pu
     or
    -pluginUrl
     (required to register a plug-in) is the URL of the plug-in manifest served by the plug-in back end. The scheme must specify HTTP or HTTPS as the protocol. The path segment of the
    -pluginUrl
     must be specified relative to the directory where you run the plug-in server. **
  • -remote
     (required for a remote plug-in) is used to register or update a remote plug-in. See also
    -local
    .
  • -s
     or
    -summary
     is a brief description of the plug-in.
  • -show
     or
    -showInSolutionManager
     specifies that the plug-in will appear in the Solutions list of the Administration panel.
  • -st
     or
    -serverThumbprint
     is the SHA-256 signature of the plug-in back-end server certificate. Character pairs should be separated by colon separators.
  • -scf
     or
    -serverCertificateFile
     is the path on the local filesystem of the plug-in manifest server's SSL certificate file, in PEM or DER format. The certificate of a plug-in server record must contain the host name of the plug-in server in its
    subjectAltName
     extension as per RFC 2818, Section 3.1 Server Identity.
  • -u
     or
    -username
     (required) identifies a vCenter Server user account that has permission to write to the vCenter Server ExtensionManager. See also
    -password
    .
  • -url
     (required) is the URL of the
    /sdk
     resource of the vCenter Server. Use the fully qualified domain name of the vCenter Server instance. For example:
    https://my-vcsa.example.com/sdk
  • -v
     or
    -version
     (required) identifies the plug-in version.
  • -vct
     or
    --vcenterServerThumbprint
     supplies the certificate thumbprint for the vCenter Server instance. You can use this in development environments when the certificate is self-signed or otherwise not recognized by the browser.
  • -eventList
     - path to the event list JSON file, relative to the file system root of the manifest server. The file should contain a JSON formatted array of event infos. Each object in the array must specify the
    eventId
     of the event. In addition, an optional XML descriptor for the
    EventType
     can be specified.
  • -faultList
     - path to the fault list JSON file, relative to the file system root of the manifest server. The file should contain a JSON formatted array of fault infos. Each object in the array must specify the
    faultId
     of the fault.
  • -privilegeList
     - path to the privilege list JSON file, relative to the file system root of the manifest server. The file should contain a JSON formatted array of privilege group objects. Each object in the array must specify the
    groupId
     of the privilege group and the privileges in that group. Each object in the
    privileges
     array must specify an
    privilegeId
     of the privilege.
  • -resourceList
     - path to the resource list JSON file, relative to the file system root of the manifest server. The file should contain a JSON formatted object, where the keys are locales (for example 'en', 'fr', 'de' ..) and the values are objects with a key to be localized and the value is the localizable message.
  • -taskList
     - path to the tasks list JSON file, relative to the file system root of the manifest server. The file should contain a JSON formatted array of task infos. Each object in the array must specify the
    taskId
     of the task.
** To support HTTPS connections to the plug-in manifest server, at least one of the fields
serverThumbprint
 or
serverCertificateFile
 must be set in the endpoint object. Insecure HTTP connections are not recommended for production use with the vSphere Client.
When registering a plug-in, it's highly recommended to provide SSL certificates of the plug-in servers in addition to the thumbprints of the SSL certificates of the plug-in servers. Performing a full SSL certificate check during SSL handshake is more secure than performing an SSL certificate thumbprint check. Furthermore, in future vSphere releases, support for SSL certificate thumbprints will be dropped and full SSL certificates will be required.

Content feedback and comments