Command Line Certificate Login
You can use certificate-based authentication with tools such as
wget to access the VCH Admin log server.
With TLS Client Authentication
-If you deployed the VCH with client authentication by using
--tls-cname or by specifying a static IP address on the client network, you can point
curl to the
key.pem files for the VCH. The following example authenticates connections to the
curl https://vch_address:2378/logs/port-layer.log --key ./cert_folder/key.pem --certificate ./cert_folder/cert.pem
NOTE: If your certificates are self-signed, you might also need to specify the
curl -k flag.
In the example above, cert_folder is either of the following locations:
- The folder with the same name as the VCH, in the directory from which you ran
- A folder that you specified in the
vic-machine create --cert-pathoption.
Without Client Authentication
If you deployed the VCH without client authentication by using either of
--no-tlsverify, you can use curl to access the logs but you must first authenticate connections to VCH Admin by using the vSphere username and password.
Log in to VCH Admin to gather an authentication cookie for subsequent access:
curl -sk https://vch_address:2378/authentication -XPOST -F username=vsphere_username -F password=vsphere_password -D cookies_file
Use the cookie from Step 1 in a
curlcommand to access the logs.
curl -sk https://vch_address:2378/logs/port-layer.log -b cookies_file