vCenter

 View Only

  • 1.  Certificate Manager generate new certs longer than 2 years?

    Posted Aug 01, 2020 09:34 PM

    Is there anyway to get certifcate manager to generate new certs longer than 2 years? We just ran Option 8 - Reset All Certificates on a embedded vCenter and it only renewed for 2 years.



  • 2.  RE: Certificate Manager generate new certs longer than 2 years?

    Posted Aug 01, 2020 09:48 PM

    Hi,

    Which version of VMware are you using?

    VMware Knowledge Base

    Expires every 10 years from version 6.x up (see attachment on page 71 for 6.0 and 83 for 6.7)

    ARomeo



  • 3.  RE: Certificate Manager generate new certs longer than 2 years?

    Posted Aug 01, 2020 11:05 PM

    6.7 U3g



  • 4.  RE: Certificate Manager generate new certs longer than 2 years?

    Posted Aug 01, 2020 11:33 PM

    ok! therefore it must expire every 10 years. Try repeating the procedure following the manual I added in the previous answer.

    ARomeo



  • 5.  RE: Certificate Manager generate new certs longer than 2 years?

    Posted Aug 01, 2020 11:42 PM

    So it looks like the root renewed for 10 years but not the machine or vsphere-client certificate. It did for 2 years. Anyway to renew those 2 for 10 years?



  • 6.  RE: Certificate Manager generate new certs longer than 2 years?

    Posted Aug 03, 2020 11:49 AM

    I'm just searching the same, but the other direction, because what happens in a few months, when Chrome reports certificate errors when a certificate is created after september 1st and is valid longer than 398 days?

    ESXi host certificates are created with a 5 year certificate, this i can configure:

    vpxd.certmgmt.certs.daysValid

    But the machine certificate will be issued with 2 years, here i didn't found a way to configure this.