VMware Cloud Community
dmeyner22
Enthusiast
Enthusiast

Certificates

This is my first time running an External PSC and VCSA as in the past of I have just done the embedded configuration.  My question is regarding certificates and the only cert i'm concerned about is the machine_ssl cert.  I want to replace the that cert with a 3rd party and I wasn't sure if I need to replace both the machine_ssl certs on PSC and VCSA?

Reply
0 Kudos
3 Replies
daphnissov
Immortal
Immortal

You do, yes, because logins to vCenter are redirected to the PSC to obtain a SAML token, so if you want full trust across a vCenter session you should do both. And wildcards aren't supported just FYI.

Reply
0 Kudos
dmeyner22
Enthusiast
Enthusiast

I think the answer is obvious but I'm assuming that is 2 separate certs since i'm generating them from 2 different appliances correct?  Not applying the same cert to both machines?

Reply
0 Kudos
Devi94
Hot Shot
Hot Shot

you will need to replace it in psc and sync your Vcenters with PSC, Below article may help you.

VMware Knowledge Base https://kb.vmware.com/s/article/2112277

Reply
0 Kudos