esxi support - fix for folks in need #717
Description
hello im just posting this issue for folks who land here trying to setup pykmip with esxi and it "doesnt work" or you get com.vmware.vim.vmomi.core.exception.MarshallException: KeyProviderId required property id not set
in, at least, esxi 6.7, it seems the extended ssl properties are required. most random blogs will have you config the server with enable_tls_client_auth=False but this wont work out of the box.
when you setup your ssl cert, add the extended stuff like openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /etc/ssl/private/selfsigned.key -out /etc/ssl/certs/selfsigned.crt -addext "extendedKeyUsage = serverAuth, clientAuth" and set the server config to True. esxi will work out of the box.
i saw in the pykmip log it was complaining about lack of extended ssl properties.
hope this helps home lab folks.