VMware Cloud Community

Change from VMCA Default Certificates to External SSL Certificates (Hybrid Mode)

Hi All,

I've got a newly built vSphere 7 infrastructure.

  • Two vCenter servers (v7.0 U2) in enhanced linked mode as part of the same SSO domain
  • vSphere replication appliances (v8.4) in both sites
  • SRM appliances (v8.4) in both sites

This has been deployed using the default VMCA self-signed certificates, but I now have a requirement to use external SSL certificates signed by an internal Microsoft CA.

Is there a simplified walkthrough available to show the sequence of tasks or has someone done this recently that can provide some guidance? I'm busy going through the documentation to work it out, but I thought I'd ask the community to help understand and validate my assessment of what needs to be done.

My concerns are to ensure that all the components continue to function (PROD environment) as I go through the certificate replacement, and that I have a documented process at the end for when the certificates expire. Once I have a plan together, I will test this in a non-production environment before doing the same in production.

Reference for Hybrid mode > vSphere Security Certificates (vmware.com)




vExpert 2014 - 2022 | VCP6-DCV | http://www.jonmunday.net | @JonMunday77
0 Kudos
0 Replies