vCenter Server Advance Settings Configuration

vCenter Advance settings is used to modify the vpxd.cfg configuration file. To view the configuration options available with Advance settings, login to Web Client and select vCenter server from vCenter Inventory list and navigate to Manage > Settings > Advanced Settings as sown below.

You can use Advanced Settings to add/edit entries to the vpxd.cfg file, but can’t delete them. A user should have Globa.Settings privileges to make any configuration change from here. 

For e.g to see list of available options for certificate related settings, type certmgmt in search box and hit enter.

Some of the commonly used advanced settings are listed in below table:

 

                Value                                                                      Description
vpxd.cert.threshold  In vSphere 6.0, vCenter Server monitors all certificates in the VMware Endpoint Certificate Store and issues an alarm when a certificate is 30 days or less from its expiration. You can change how soon you are warned with the vpxd.cert.threshold advanced option.

 For example if you set this value to 10 days, then vCenter will warn you only when there are 10 days or less for certificate expiration.

vpxd.certmgmt.mode For small environments, using VMCA using VMCA issued certificates for your ESXi hosts is the best solution. If your organization policy requires the use of custom certificates with a different root CA, you can edit this vCenter Server setting so that the hosts are not automatically provisioned with VMCA certificates when you refresh certificates.

Change the value of vpxd.certmgmt.mode to custom if you intend to manage your own certificates, and to thumbprint if you temporarily want to use thumbprint mode and restart Vcenter server service.

vpxd.certmgmt.certs.cn.hardThreshold Hard threshold for certificate expiration. vCenter Server raises a red alarm when this threshold is reached.
vpxd.certmgmt.certs.cn.country Country Name for the ESXi Host Certificates. Default is USA.

If you set it to say India, then the default country code will be presented as IN when you run the certificate manager utility to generate/replace certs

vpxd.certmgmt.certs.cn.localityName Locality Name for ESXi Host Certificates. Default is Palo Alto
vpxd.certmgmt.certs.cn.state State Name for ESXi Host Certificates. Default is California
vpxd.certmgmt.certs.cn.organizationalUnitName Organizational Unit Name for ESXi Host Certificates. Default is VMware Engineering
vpxd.certmgmt.certs.cn.organizationName Organization Name for ESXi Host Certificates. Default is Vmware
vpxd.certmgmt.certs.pollIntervalDays Interval in days between Esxi host certificate validity checks by the vCenter server system
config.vpxd.heartbeat.udp-port Default port for vCenter and Esxi heartbeat exchange. Default value is 902.
config.vpxd.network.rollback Network rollback was a feature which was introduced in vSphere 5.1. Host networking rollbacks occur when an invalid change is made to the host networking configuration. Every network change that disconnects a host  triggers a rollback.

By default it is set to true. You can force this value to false to disable network rollback.

config.vpxd.secureSoapPort Default value is 8089
config.vpxd.soapPort Default value is 8085
VirtualCenter.VimPasswordExpirationInDays VIM password expiration in days. Default value is 30 days
config.log.compressOnRoll This settings defines whether or not logs will be compressed when they roll out. Default value is true
config.log.level Default setting is Info. Other accepted values for this settings are: none,error,warning,verbose and trivia
mail.smtp.username smtp username that vCenter server will use for sending email notifications in case of vCenter events
mail.smtp.port Port number for sending email. Default value is 25
mail.smtp.password password of the smtp username

 

For more information on vCenter Advance Settings, please see below articles

Advanced settings for vSphere 5.5 & 6.0

vpxd.cfg advance configuration

vCenter Certificate Management Default Values

I hope you enjoyed reading this post. Feel free to share this on social media if it is worth sharing. Be sociable 🙂

Add a Comment