Solved: Re: How to use a CNAME with CA-signed certs

VirtuallyMikeB · ‎05-01-2017

Hello,

I'm using vSphere 6.5 with VCSA and an embedded PSC. I configured CA-signed certs using an Enterprise CA and used the VMCA as an intermediate CA. When accessing the vSphere Web Client/HTML5 client using vCenter's hostname, the certs are trusted. When accessing via a CNAME record, of course, there's no trust because there's not a Subject Alternative Name configured for vCenter.

With my current setup, how can I configure a Subject Alternative Name for vSphere Client access?

Thanks,

Mike

----------------------------------------- Please consider marking this answer "correct" or "helpful" if you found it useful (you'll get points too). Mike Brown VMware, Cisco Data Center, and NetApp dude Sr. Systems Engineer michael.b.brown3@gmail.com Twitter: @VirtuallyMikeB Blog: http://VirtuallyMikeBrown.com LinkedIn: http://LinkedIn.com/in/michaelbbrown

VirtuallyMikeB · ‎05-03-2017

I reached out to Adam Eckerle, vCenter TAM, via Twitter and he responded that VMware doesn't support SANs for vCenter.

----------------------------------------- Please consider marking this answer "correct" or "helpful" if you found it useful (you'll get points too). Mike Brown VMware, Cisco Data Center, and NetApp dude Sr. Systems Engineer michael.b.brown3@gmail.com Twitter: @VirtuallyMikeB Blog: http://VirtuallyMikeBrown.com LinkedIn: http://LinkedIn.com/in/michaelbbrown

View solution in original post

VirtuallyMikeB · ‎05-03-2017

I reached out to Adam Eckerle, vCenter TAM, via Twitter and he responded that VMware doesn't support SANs for vCenter.

----------------------------------------- Please consider marking this answer "correct" or "helpful" if you found it useful (you'll get points too). Mike Brown VMware, Cisco Data Center, and NetApp dude Sr. Systems Engineer michael.b.brown3@gmail.com Twitter: @VirtuallyMikeB Blog: http://VirtuallyMikeBrown.com LinkedIn: http://LinkedIn.com/in/michaelbbrown

All

How to use a CNAME with CA-signed certs