You must write a script that you run in the virtual machine that contains the extension.

The script reads the URL of the vCenter Extension vService Guest API, SSL thumbprint, and authentication token in the <vServiceEnvironmentSection> element of the Open Virtualization Format (OVF) environment XML file. The script authenticates itself with the vCenter Extension vService using the authentication token from the vService environment, generates a self-signed certificate, and sends the extension key and certificate to the ResgisterExtension function from the vCenter Extension vService Guest API.

The script that you run in the guest operating system of the virtual machine must perform the following functions.

You have developed an extension running in a virtual machine that you deliver by using OVF.

You have configured the OVF descriptor file of the extension to depend on the vCenter Extension vService and enabled OVF transport.

1

Parse the <vServiceEnvironmentSection> section in the OVF environment file.

2

Create a self-signed X509 certificate.

For example, create the certificate by using OpenSSL.

3

Send an HTTP POST request to the vCenter Extension vService.

The script obtains the URL to the vCenter Extension vService from the <vServiceEnvironmentSection>.

4

Include in the HTTP header the authentication token value from the <vServiceEnvironmentSection> element of the OVF environment file.

"evs-token: Token value"

5

Verify that the SSL thumbprint of the server-side certificate of the HTTPS connection is the same as that of the X509Thumbprint value from the <vServiceEnvironmentSection> element of the OVF environment file.

6

In the body of the HTTP POST request, pass the extension key of the extension and the PEM encooding of the certificate to the RegisterExtension function from the vCenter Extension vService Guest API.

<RegisterExtension xmlns="http://www.vmware.com/schema/vservice/ExtensionVService">
   <Key>com.mycompany.extensionkey</Key>
   <Certificate>
   -----BEGIN CERTIFICATE-----
   MIICRTCCAa4CCQDC/hX5KA9rSzANBgkqhkiG9w0BAQUFADBnMQswCQYDVQQGEwIu
   LjEKMAgGA1UECBMBLjEKMAgGA1UEBxMBLjEPMA0GA1UEChMGVk13YXJlMQowCAYD
   VQQLEwEuMREwDwYDVQQDEwhFVlMgZGVtbzEQMA4GCSqGSIb3DQEJARYBLjAeFw0x
   MDA3MDYwNzUwNTVaFw0xMDA4MDUwNzUwNTVaMGcxCzAJBgNVBAYTAi4uMQowCAYD
   VQQIEwEuMQowCAYDVQQHEwEuMQ8wDQYDVQQKEwZWTXdhcmUxCjAIBgNVBAsTAS4x
   ETAPBgNVBAMTCEVWUyBkZW1vMRAwDgYJKoZIhvcNAQkBFgEuMIGfMA0GCSqGSIb3
   DQEBAQUAA4GNADCBiQKBgQC4/XVcMhvNixk35iWl3nn1KHVSgUE18TuQBj7spNUc
   y506RmV8BR847jg9fHl7aErShOQ8RT/EuEEUGey4U1dB2pSocoYldtp2r4g/Lcew
   ZuuyQh2+MC0YzeFe+nyxBDHa0BGUId0dQH9nrjyboW/kNIrWfDkXnxxtq6pQAmFw
   +QIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAElC68z59fuicYUa4fGWBuXNxzb+uqWF
   +cnf78lctBY1pr1DcEedhyww2SYbaGh/xGCc1zqO5kqYhIexQbN/2Vxaol9lJc/n
   vRfQRCp+HaIFTJMu4mVZ2GsYSp/tZSGgiBBQAUXqCLxFQr0eQ29b9rj4Q3/1N+7i
   hbVOln67TOBZ
   -----END CERTIFICATE-----
   </Certificate>
</RegisterExtension>

The vCenter Extension vService calls the RegisterExtension function and registers the extension with vCenter Server.

If you add a vService dependency in an OVF descriptor from which you deploy a extension, the vCenter Extension vService generates and adds a <vServiceEnvironmentSection> element to the OVF enviroment of the virtual machine that it deploys.

<ve:vServiceEnvironmentSection xmlns:ve="http://www.vmware.com/schema/ovfenv"
                                        xmlns:evs="http://www.vmware.com/schema/vservice/ExtensionVService"
                                        ve:bound="true" ve:id="installation"
                                        ve:type="com.vmware.vservice.extension">
   <evs:GuestApi>
         <evs:URL>https://192.168.1.42/vsm/extensionService</evs:URL>
         <evs:Token>1efc34a14232f81a245b9e8172f7a383fdeab312</evs:Token>
         <evs:X509Thumbprint>2b:04:e6:7d:8c:7b:73:70:d4:29:32:ed:96:11:2b:ae:b4:a0:28:78</evs:X509Thumbprint>
   </evs:GuestApi>
   <evs:VCenterApi>
         <evs:IP>192.168.1.42</evs:IP>
         <evs:X509Thumbprint>2b:04:e6:7d:8c:7b:73:70:d4:29:32:ed:96:11:2b:ae:b4:a0:28:78</evs:X509Thumbprint>
         <evs:HttpPort>80</evs:HttpPort>
         <evs:HttpsPort>443</evs:HttpsPort>
         <evs:SelfMoRef>VirtualMachine:vm-246</evs:SelfMoRef>
   </evs:VCenterApi>
</ve:vServiceEnvironmentSection>