Change from VMCA Default Certificates to External SSL Certificates (Hybrid Mode)
I've got a newly built vSphere 7 infrastructure.
Two vCenter servers (v7.0 U2) in enhanced linked mode as part of the same SSO domain
vSphere replication appliances (v8.4) in both sites
SRM appliances (v8.4) in both sites
This has been deployed using the default VMCA self-signed certificates, but I now have a requirement to use external SSL certificates signed by an internal Microsoft CA.
Is there a simplified walkthrough available to show the sequence of tasks or has someone done this recently that can provide some guidance? I'm busy going through the documentation to work it out, but I thought I'd ask the community to help understand and validate my assessment of what needs to be done.
My concerns are to ensure that all the components continue to function (PROD environment) as I go through the certificate replacement, and that I have a documented process at the end for when the certificates expire. Once I have a plan together, I will test this in a non-production environment before doing the same in production.