When you are testing Virtual Machine Manager (VMM) in System Center 2016 and you want to connect your Azure Subscription connected you need a Certificate and publish this is the admin portal. But as you thought he cool I can access all my resource groups VM’s and my old VM’s eh no VMM 2016 Preview can only manage the old VM’s.
To do this go to the VMM Console and Add Subscription
Easy as it is fill in the blanks
The Display name is the name you want and has no pointer to Azure
the Subscription ID is directly linked to Azure this is where your VM’s are
The Certificate we need to make this by hand.
First the Subscription ID go to the Azure.com portal and in the Subscriptions there is the ID.
Next we need a Certificate for a selfsigned certificate we can use Makecert but what fun is that .
Makecert.exe
Create a new self-signed certificate
You can use any tool available to create a self-signed certificate as long as they adhere to these settings:
- An X.509 certificate.
- Contains a private key.
- Created for key exchange (.pfx file).
- Subject name must match the domain used to access the cloud service. > You cannot acquire an SSL certificate for the cloudapp.net (or for any Azure related) domain; the certificate’s subject name must match the custom domain name used to access your application. For example, contoso.net, not contoso.cloudapp.net.
- Minimum of 2048-bit encryption.
- Service Certificate Only: Client-side certificate must reside in the Personal certificate store.
There are two easy ways to create a certificate on Windows, with the makecert.exe
utility, or IIS.
Makecert.exe
This utility has been deprecated and is no longer documented here. Please see this MSDN article for more information.
Create a Certificate with Powershell
there is a new command in powershell : New-SelfSignedCertificate
this is how we create a certificate quick and easy and I also exported the Certificate
#Create new Certificate
$cert = New-SelfSignedCertificate -Subject AzureVMM01 -FriendlyName AzureVMM01 -Type Custom -CertStoreLocation "Cert:\currentuser\My" -KeyExportPolicy ExportableEncrypted -KeyLength 2048 -KeySpec KeyExchange
#set password for PFX
$password = ConvertTo-SecureString -String "P@ssw0rd" -Force -AsPlainText
#Export Certificate
Export-PfxCertificate -Cert $cert -FilePath "c:\cert\scvmm16azure.pfx" -Password $password
# to use this certificate in the Azure management portal export it to a .cer file
Export-Certificate -Type CERT -Cert $cert -FilePath "c:\cert\scvmm16azure.cer"
Now that the Certificate is exported I can upload this in the Old Azure V1 portal
Go to Settings and Management Certificates at the bottom there is a upload link.
Select the fresh created Certificate with the right subscription ( must be the same as the ID picked earlier )
Now that the Azure Certificate is in place I check browse and see the local certificate also.
After these steps we see the subscription in the console
here you can manage the VM’s with out the Azure v1 Portal.
As the the Resource Group option is still unavailable you can Vote for this in the user https://systemcentervmm.uservoice.com
Add Azure Resource Manager Stack based Azure VMs to the subscription view
Follow Me on Twitter @ClusterMVP
Follow My blog https://robertsmit.wordpress.com
Linkedin Profile Http://nl.linkedin.com/in/robertsmit
Google Me : https://www.google.nl
Bing Me : http://tinyurl.com/j6ny39w
Thanks for this! Microsoft’s example is wrong to omit the KeySpec parameter.
Thanks for reading my blog 😉
HOw I can do it in new portal?
you can’t this option is only for V1 classic VM’s. so now with ARM a useless option.
But vote here for updating this option
https://systemcentervmm.uservoice.com/forums/280803-general-vmm-feedback/suggestions/9074212-add-azure-resource-manager-stack-based-azure-vms-t