Managing ESXi SSL certificates

The VMCA, in vSphere 6, provisions a signed certificate to each ESXi host. The certificate specifies the VMCA as the root certificate authority by default. The certificate is provisioned when the ESXi host is added to vCenter Server, or installed or upgraded to ESXi 6.0 or later.

Renewing VMCA certificates

If the VMCA is a subordinate certificate authority, it is allowed to sign certificates for the ESXi hosts. This can be done using the vSphere Web Client. To do so, log into the vSphere Web Client and navigate to the Hosts and Cluster inventory view. Right-click on the ESXi host, and select Certificates | Renew Certificate.

This will bring up the Renew Certificate dialog; click on the Yes button.

This can also be ...

Get Learning VMware vSphere now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Learning VMware vSphere by Abhilash G B, Rebecca Fitzhugh

Managing ESXi SSL certificates

Renewing VMCA certificates

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly