Home > Storage > PowerStore > Data Protection > Dell PowerStore: Cybersecurity > VMware vCenter Certificate
Administrators can gain visibility into VMware virtual machines directly in PowerStore Manager by establishing a connection to a vCenter server.
In the IT industry, cybersecurity vulnerabilities such as man-in-the-middle attacks, data breaches, denial of service, and identity theft are prevalent, especially concerning data. PowerStoreOS 4.0 and later allows administrators to enable certificate verification before the system communicates with vCenter to strengthen its cybersecurity. This provides the administrator the ability to confirm that PowerStore is interacting with the intended vCenter. When registering a new vCenter on PowerStoreOS 4.0, the newly added "Verify SSL server certificate" checkbox is checked by default and highly recommended
.
When this is enabled, the system checks the validity of the certificate by comparing the Fully Qualified Domain Name (FQDN) or IP address, confirms the certificate’s start date has passed, and ensures the certificate has not expired and will not expire soon. If all checks pass, the certificate details are displayed to the administrator. The administrator can then compare these details to the certificate in vCenter directly. If the administrator confirms that everything matches, PowerStore then saves a copy of the certificate, and authorizes communication between vCenter and PowerStore. If the certificate does not match, the system immediately designates it as untrusted, blocking communication with vCenter.
If an administrator disables this feature, the registration process proceeds without vCenter certificate verification, similar to pre-4.0 releases. If the vCenter connection is removed in PowerStore Manager, the vCenter certificate is also removed, making the certificate untrusted and all communication with the disconnected vCenter ceases. However, the vCenter can be re-added again later using the same process.
If certificate verification is enabled and the administrator re-validates the certificate, it’s marked as trusted, and communication is allowed. If certificate verification is disabled, the vCenter registration process proceeds without validating the certificate’s details, and it is not displayed to the administrator.