Hello.
I have been trying to generate certificates from my own test lab, for the vCenter servers.
When I try to import the certificate I get this error
error 9 at 0 depth lookup:certificate is not yet valid
Error in verifying certificate: m_ca.cer
There is no problem with the time on the CA, or vCenter server or esxi hosts.
The vCenter deployment is not embedded. PCSs and vCenters servers are running on they own servers. I use the vCenter appliance, not windows.
This is the way I tried to generate and import the certificate
Replace your vCenter vSphere 6.5 Certificates using your own CA - YouTube
My domain is <domain-name>.local
I do not think that this should be a problem.
Any tips much appreciated.
Best regards!
That's what a root CA is supposed to look like. In looking at your machine cert, it says it isn't valid until starting today, so did you generate it today or was this the same one you couldn't get installed when you opened this thread? If so, then the error message was telling you all you needed to know: the certificate isn't yet valid.
Please show the certificate details after generation by opening it in the Microsoft tool. Also, what signing algorithm are you using? If it's SHA-1 like the video shows, highly recommend you go through the steps again and choose a stronger algorithm. SHA-1 is now untrusted by many browsers.
Yes, show the details of the generated cert.
Show the General tab as well.
That's what a root CA is supposed to look like. In looking at your machine cert, it says it isn't valid until starting today, so did you generate it today or was this the same one you couldn't get installed when you opened this thread? If so, then the error message was telling you all you needed to know: the certificate isn't yet valid.
Hello.
It was generated yesterday.
I will give it a try, again.
Yes, it does work. I missed the date thing.
Thank you for pointing that out.