Using a single VCSA 6.5U1 with embedded PSC in my lab environment.
VMCA is configured as subordinate CA of MS Enterprise CA.
Used certificate manager from CLI to replace all certificates some time ago.
Web Client uses new certificates. All browsers are happy.
While checking vor VCSA updates (now running 6.5.0.10100 Build Number 6671409) I noticed that the VCSA appliance management at port 5480 still uses the old 'VMware default certificate'. Which Chrome now really hates; I have to type 'badidea' to go from certificate warning to appliance management login.
So far I didn't find any information how to fix this.
How do I replace the certificate used by appliance management ?
There are some steps available here: Replace self-signed certificates with intermediate CA certificates
Please make sure to backup beforehand as these have not been tested and are ran at your own risk.
There are some steps available here: Replace self-signed certificates with intermediate CA certificates
Please make sure to backup beforehand as these have not been tested and are ran at your own risk.
Thank you; I'll try the solution suggested there in my lab.
There doesn't seem to be an official supported way to do this.
There's now a KB article VMware Knowledge Base VAMI does not display the new certificate after changing vCenter Server Appliance 6.x certificates (2136693)
Symptoms
Resolution
Currently, there is no resolution.
To work around this issue:
vCenter Server Appliance 6.5:
vCenter Server Appliance 6.0: