Hello
Not making much progress replacing the vCenter self signed certificates - using hybrid method, so only looking to update the ssl cert for web interface.. We are using our own CA.
So method we have used:
error 20 at depth lookup:unable to get local issuer certificate
Error verifying certificate: machine_chain.cer
Googled around and it was suggested that the signing cert needed intermediate and root, so did copy IntermediateCA.cer+RootCA.cer inter_and_root_chain.cer and used this cert for signing certificate of the machine ssl. This time got a different error:
error 51 at 0 depth lookup:unsupported name constraint type
Error in verifying certificate: machine_chain.cer
Does anyone have any suggestions or come across this?
Thanks
Hi,
check this inter_and_root_chain.cer file. It should look like this from this article:
If You use copy file+file merged and a first file doesn't have new line character it could equal faulty file.
Check this compendium article how to replace vSphere certificates:
Replacing default certificates with CA signed SSL certificates in vSphere 6.x