Hello Daphnissov,

I knew you would come to rescue. .Thank you very much.

1. How do I proceed with that? I am sorry but I have never done that. Any link to guide/documentation.

2. Do you mean certification authorities like verisign, goDaddy etc. ?

Thanks,

Siddhesh

Well, first of all, we need to know what you have and on what versions. You said "vcenter and esxi hosts" but how many? What version? Next, what is it you want to do here? Do you just want to remove the annoying browser warnings, or do you want/need to integrate with a PKI system?

Ok.

Over here , 5.4 , 5.5 , 5.6 (3)servers form the vCenter 6.5 High Availability with each one having Active, Passive and Witness VMs.

5.9, 5.10 (2) servers with vsphere 6.0u3 are part of HA/FT cluster and are managed by vcenter( IP address 5.8) .

Yes, all I want is to remove the browser warnings and just want to see  it as secure.

Basically, If I access 10.0.5.8 from any machine that is connected to VPN and is able to access the said address, then it should show secure instead of the warning.

Thanks a lot.

Regards,

Siddhesh

Do you not have DNS in your environment? First step is going to be to destroy your vCHA configuration and use FQDNs for vCenter and all its hosts, then re-create. Do you want to eliminate browser warnings just for one workstation or a bunch? Do you have a PKI in place in your environment or not?

1. We don't have any DNS yet. Will be building one soon.

2. Browser warning for any machine that is able to access the ip address/fqdn

Thanks,

Siddhesh

daphnissov​

Thank you  very much for the complete picture.You're the best!! One last question " your CA" can be any third party CA like verisign or goDaddy?

Regards,

Siddhesh

It could be a third-party CA like the commercial ones you mentioned, sure, but be warned that vSphere does not support wildcard certificates. So if you've already purchased one, that won't work for vCenter and related components. For your reading pleasure: https://kb.vmware.com/s/article/2111219