How to use a CNAME with CA-signed certs

Jump to solution

Hello,

I'm using vSphere 6.5 with VCSA and an embedded PSC.  I configured CA-signed certs using an Enterprise CA and used the VMCA as an intermediate CA.  When accessing the vSphere Web Client/HTML5 client using vCenter's hostname, the certs are trusted.  When accessing via a CNAME record, of course, there's no trust because there's not a Subject Alternative Name configured for vCenter.

With my current setup, how can I configure a Subject Alternative Name for vSphere Client access?

Thanks,

Mike

----------------------------------------- Please consider marking this answer "correct" or "helpful" if you found it useful (you'll get points too). Mike Brown VMware, Cisco Data Center, and NetApp dude Sr. Systems Engineer michael.b.brown3@gmail.com Twitter: @VirtuallyMikeB Blog: http://VirtuallyMikeBrown.com LinkedIn: http://LinkedIn.com/in/michaelbbrown
0 Kudos
1 Solution

Accepted Solutions

I reached out to Adam Eckerle, vCenter TAM, via Twitter and he responded that VMware doesn't support SANs for vCenter.

----------------------------------------- Please consider marking this answer "correct" or "helpful" if you found it useful (you'll get points too). Mike Brown VMware, Cisco Data Center, and NetApp dude Sr. Systems Engineer michael.b.brown3@gmail.com Twitter: @VirtuallyMikeB Blog: http://VirtuallyMikeBrown.com LinkedIn: http://LinkedIn.com/in/michaelbbrown

View solution in original post

0 Kudos
1 Reply

I reached out to Adam Eckerle, vCenter TAM, via Twitter and he responded that VMware doesn't support SANs for vCenter.

----------------------------------------- Please consider marking this answer "correct" or "helpful" if you found it useful (you'll get points too). Mike Brown VMware, Cisco Data Center, and NetApp dude Sr. Systems Engineer michael.b.brown3@gmail.com Twitter: @VirtuallyMikeB Blog: http://VirtuallyMikeBrown.com LinkedIn: http://LinkedIn.com/in/michaelbbrown
0 Kudos