VMware Cloud Community
meteor
Contributor
Contributor
‎01-20-2017 12:21 AM

What will happen to our ESXi 5.5 when we replace the PKI infrastructure?

We plan to replace our current PKI infrastructure. We have ESXi 5.5 hosts that use certificates issued by our internal CA. The certificates are valid for several more years.

So the question is: does anyone know if the ESXi host at any time query the CA that issued its certificate? If it does, what happens when it cannot reach that CA (as it has been removed)?

Reply
0 Kudos
2 Replies
DavoudTeimouri
Virtuoso
Virtuoso
‎01-20-2017 10:56 PM

Read this KB to know, how to you should generate new certificate for ESXi from a CA: Configuring CA signed certificates for ESXi 5.x hosts (2015499) | VMware KB

-------------------------------------------------------------------------------------
Davoud Teimouri - https://www.teimouri.net - Twitter: @davoud_teimouri Facebook: https://www.facebook.com/teimouri.net/
Reply
0 Kudos
meteor
Contributor
Contributor
‎01-25-2017 11:59 PM

Thanks for your reply.I'm familiar with generating certificates, but experienced a lot of problems last time we changed them. So, if possible, I would like to keep the current certificates, as they are valid for a long time. I still need to know if the vSphere PKI infrastrukture will be functional when the CA is removed.

Reply
0 Kudos