VMware Cloud Community
wreedMH
Hot Shot
Hot Shot
‎08-01-2020 02:34 PM

Certificate Manager generate new certs longer than 2 years?

Is there anyway to get certifcate manager to generate new certs longer than 2 years? We just ran Option 8 - Reset All Certificates on a embedded vCenter and it only renewed for 2 years.

pastedImage_0.png

Reply
0 Kudos
5 Replies
Alex_Romeo
Leadership
Leadership
‎08-01-2020 02:48 PM

Hi,

Which version of VMware are you using?

VMware Knowledge Base

Expires every 10 years from version 6.x up (see attachment on page 71 for 6.0 and 83 for 6.7)

pastedImage_0.png

ARomeo

Blog: https://www.aleadmin.it/
Preview file
1515 KB
Preview file
2045 KB
Reply
0 Kudos
wreedMH
Hot Shot
Hot Shot
‎08-01-2020 04:05 PM

6.7 U3g

Reply
0 Kudos
Alex_Romeo
Leadership
Leadership
‎08-01-2020 04:33 PM

ok! therefore it must expire every 10 years. Try repeating the procedure following the manual I added in the previous answer.

ARomeo

Blog: https://www.aleadmin.it/
Reply
0 Kudos
wreedMH
Hot Shot
Hot Shot
‎08-01-2020 04:41 PM

So it looks like the root renewed for 10 years but not the machine or vsphere-client certificate. It did for 2 years. Anyway to renew those 2 for 10 years?

Reply
0 Kudos
Raudi
Expert
Expert
‎08-03-2020 04:49 AM

I'm just searching the same, but the other direction, because what happens in a few months, when Chrome reports certificate errors when a certificate is created after september 1st and is valid longer than 398 days?

ESXi host certificates are created with a 5 year certificate, this i can configure:

vpxd.certmgmt.certs.daysValid

But the machine certificate will be issued with 2 years, here i didn't found a way to configure this.

Reply
0 Kudos