Get Thumbprint or Certificate of Remote Plug-in Server

The remote plug-in sample has an embedded application server with a self-signed certificate that is used for encrypted communications. The certificate and its thumbprint are stored in a Java keystore file.
  • Start the server.
  • Find the server's port number. The default port number is 8443. You can configure a different port number in the
    application.properties
    file.
To register a remote plug-in with vCenter Server, you need to determine the thumbprint of the plug-in application server, or save its security certificate, which you then use in arguments to the registration command.
  1. Connect a browser to the application server, for example using the URL of the plug-in manifest.
    The default URL for the manifest file is
    https://localhost:8443/sample-ui/plugin.json
    .
  2. Examine the certificate presented by the application server.
    This step depends on the browser. In Firefox for example, you click the padlock icon next to the URL, then select
    Connection secure
    >
    More information
    >
    View Certificate
    . The thumbprint is the field labelled
    SHA-256
    and the certificate can be downloaded by the
    PEM (cert)
    link.
    A SHA-1 fingerprint is also supported, but SHA-1 is deprecated in favor of SHA-256.
  3. Save the thumbprint in a text file, or save the PEM certificate in a file with
    .cer
    suffix.
    vCenter Server expects the thumbprint (fingerprint) to contain colon-separated character pairs. As of vSphere 8.0 U3, the registration script changes unseparated or space-separated character pairs into the expected format.
Use the application server thumbprint or PEM certificate when you register the plug-in with vCenter Server.