Hi, I have just installed ESXi 6.7 in a home lab.
IP address is 192.168.0.100
Name is vcenter01.rob.com
I can ping from from my laptop
How can I get rid of the certificate warning when accessing it either by IP address or name using chrome?
I just want to be able to access https://vcenter01.rob.com securely and log in with out any warnings.
(One of the virtuals I have is Citrix XenDesktop 7.17 running on Windows server 2016 and it requires a secure connection to my ESX host.)
Just want simplest step by step instructions. (Screen shots maybe) .How hard can this be??
Note this is 6.7 not 6.0 or 6.5 so in my browser (Chrome, IE, Firefox) I do not get an option to download the certificate.
Spent literally hours on this so someone please put me out of my misery.
Download the certificate from the browser link and add it to trusted root . This would only help on the local machine.
If not you need custom certs.
Welcome to the Community,
just to make sure I understand this correctly. You are talking about an ESXi certificate, but mention vCenter Server.
Is this about accessing to the ESXi host directly, or a vCenter Server instance? Only vCenter Server has an option to download certificates.
What you may check is whether it is possible to make XenDesktop aware of the ESXi host's self signed certificate (e.g place it in some kind of trusted certificates store), or purchase an official certificate for the ESXi host.
like in the previous versions of the VCSA there is a download link called "Download trusted Root CA Certs" in the LOWER RIGHT corner of the vcsa start page (where you can select to start webclient or html5. Its a zip and contains the CA Chain (root ca and host cert). Both have to be importet in your lokal CA store (depends on OS or used browser). After doing this and a restart of your browser you dont get any warning about untrusted cert in your browser.
If you name something "vcenter01" i would expect that you are talking about the vCenter server which is the VCSA (linux based appliance) and is used as a central management solution of multible ESXi Hosts and for using als the cluster and adv. stuff.
Yes, "https://vcenter01.rob.com" should be the startpage. But you can compare to the following screenshot and in the lower right you will see the download link.
Hi, your need import the Root CA of the vcenter server to the Citrix Server.
Connect of the citrix desktop, open the internet explorer and step and step:
Alright, the previous poster is confused. You aren't running vCenter, just a standalone host. There is no vCSA start page. But why you've decided to call this host "vcenter01" is strange. In any case, in Chrome press F12 and to the security tab when logged into your ESXi hosts web GUI. Download the certificate it is presenting to your machine. Double click and add it to trusted root certificate store.
Why are you so aggressive? We are trying to help you here and your details are not as clear as you think. And most people here aren't VMware employees either. We help others here in our free time. Therefore, a more friendly tone would be appropriate.
But back to your problem. What I don't understand is the following:
You write that you want the certificate for ESXi, but try to access the domain "vcenter01.rob.com". This is confusing. But you also write that you are redirected directly to the login screen and do not see the start page in the screenshot.
However, this start page only appears for the vCenter. If you access the ESXi host directly via the host client, the login window appears directly. That's normal.
So, either you have a vCenter running, then use this URL, or if you only have an ESXi host without vCenter, then try the following instructions for the chrome browser:
- In the address bar, click on the left side on the lock symbol
- Choose the menu option "certificate" (a new window will pop up)
- Click on the tab "Details"
- Click on "Copy to file" and save the certificate file
- Close the chrome browser
- Double-click the newly created file and run the Windows Import Wizard
This guy (Lagardia) is a jack-wagon, and doesn't know sh!+ from shinola. On top of that, he's just plain rude. If you knew what you were talking about it would be easier for us to help you, but since you sound like you know it all and are getting pissy with those of us who would like to help, go jump in a lake.
Yeh, I know, this was not helpful, but neither is this guys entire thread... AND there are some legit answers in this thread and the guy didn't even mark it 'Answered'...
Check if the following Citrix CTX article helps:
Gentlemen have an issue with ESXi interface, not a VSphere interface, I guess you all should know the difference by now,
Indeed vSphere gives you an option to get Certificate to update your root CA storage on win or Linux, from where ever you are opening your web GUI
But this option is Not in ESXi GUI interface
I'd suggest reinstall SSL by installing some cheap trusted root cert
by following VMware manual (Which is never 1,2,3,4 unfortunately)