pyVmomi 6.0.0, vSphere 6.0 and SSL

VMware released a new version of pyVmomi to better integrate with vSphere 6.0. This release introduces a change on the creation of an SSL connection. After struggling with some issues on this change, I wanted to write something down for future reference.

On the GitHub documentation it says pyVmomi 6.0.0 supports python 2.7, but it would be more accurate to say pyVmomi 6.0.0 supports python 2.7.9+, as in python 2.7.9 the ssl.SSLContext object has been introduced. This object allows you to specify a verification mode and a SSL Protocol. This object is needed if you want to connect correctly to the vSphere API.

You can check your python version with  python --version

Workaround for python versions below 2.7.9

To get everything working in python versions below 2.7.9, the easiest way is to downgrade pyvmomi to 5.5.0.2014.1.1. To achieve this, do the following:

This will downgrade your pyvmomi to a workable version. This version also doesn’t force SSL certificate verification, so your code can be very simple:

Working with untrusted SSL connections with pyVmomi 6.0.0 and python 2.7.9+

If you want to connect to a vSphere 6.0 API without certificate verification using pyVmomi 6.0.0 and python 2.7.9+, you will have to create a new SSLContext which disables the certificate verification. Using pyVmomi’s  SmartConnect() , there is now a new attribute you can pass, called  sslContext . Below is an example on how to achieve this.

Support for both versions

If you write scripts which can run on different python and pyVmomi versions and you want to keep supporting both, you could do so by looking at the following example:

I have updated all my pyVmomi scripts on my GitHub repository to start working with both version with the above fix.

 

 

Be social & shareShare on FacebookTweet about this on TwitterShare on LinkedInShare on RedditGoogle+Email to someone

Tags: , , ,