VMware Cloud Community
Kurfer
Contributor
Contributor
‎12-11-2017 01:27 PM

Am I reading this correctly? The amount of steps in order to replace the default SSL cert is beyond obscene. This can't be correct...

Implemented a new internal PKI; managed to update 35 internal systems to utilize in a single afternoon. Cisco wireless, MS NPS, F5, all our web servers (internal) and then I got to our two vsphere servers. I was amazed to see there wasn't any option in the app to import an SSL cert (to get rid of this annoying untrusted error with the default cert).

I then see this:

VMware Knowledge Base

Not only does this document link to other documents, it requires me to install third party tools on my server and take an outage. How bad is this? I am just going to open a support ticket and have some VMware tech do this for me; there is not amount of money I wouldn't pay to have this done.

Installing an SSL cert should NEVER be this heavily involved...

Has anyone done this using their own MS internal PKI? This can't be right...this has to be the worst most involved process for PKI in the entire IT industry. I am going to give VMWare the benefit of the doubt that I am reading too much into this and there is a quick process for getting this done. I just can't imagine this being so bad.

0 Kudos
2 Replies
msripada
Virtuoso
Virtuoso
‎12-11-2017 01:44 PM

What is the vCenter version you have in the environment?

Are you trying to replace vCenter certificates with your internal MS CA certs?

This process is different from 5.x to 6.x so please provide the version of the vcenter and i will share the steps and right kbs

Thanks,

MS

0 Kudos
daphnissov
Immortal
Immortal
‎12-11-2017 08:11 PM

The KB you referenced is for vSphere 5. As asked by the previous user, we need to know what version you're running as there are huge differences in certificate management between the two. I have replaced certs many times in vSphere 6 and earlier versions, and vSphere 6.5 is by far the easiest to do and is quite straightforward.

------------------
How to Ask for Help on Tech Forums
https://neonmirrors.net
0 Kudos