VMHost Heartbleed Fix for ESXi 5.5

If you don’t know about Heartbleed yet…Well I don’t know what to say… I guess check this out. http://heartbleed.com/

Unfortunately, ESXi is susceptible to this

The full kb is here from VMware  http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2076665

Fortunately it can be patched with everyone’s favorite patch tool VMware Update Manager

Now that I have been able to scan my hosts (Previous Post), I can see what updates are out there..

HostScan

For me this was the update I needed, fortunately it was listed in the Details..

HeartbleedKB

You can find which update you need by checking the full VMware KB

Awesome so let’s fix my stuff

I applied the needed patch for the Heartbleed issue, but we aren’t done yet. As with other heartbleed issues for other services now the certificate and root password needs to be renewed.

I pretty much followed exactly as the KB says including backing up the current certs before issuing new ones.

GenerateCerts

The I restarted the host, and had to ReConnect to it, and you will have to accept the new cert

ReConnectHost

The last step is reseting the root password. Which can be done by connecting the vSphere Client directly to the host.

Select Local Users and Group and go to the properties of the User want to change

ResetRoot Password

Now you should be done!

Again for full details check out the KB

Leave a Reply

%d bloggers like this: