change ssl cert for web interface on vCenter 4

beovax · ‎09-22-2009

Hi, I am trying to change the cert on my virtual center server. I have read through the instructions . I am having all sorts of problems using openssl on the server.

Can I miss any of the steps? I already have the certificate in pfx format with the private key. Is it possible to generate the required files rui.crt and rui.key from my exisitng pfx file.

The certificate has multiple names for some other webservers and everytime I try generating a new one the current ones are revoked. Would be really hany if I can just use the cert I already have

degustator · ‎10-24-2009

The official documentation for replacing SSL certificates is rather confusing for novice users like myself. It expects you have some experience with OpenSSL tools and advanced understanding of PKI infrastructure. I highly recommend to read this forum post instead: http://communities.vmware.com/message/858473#858473. It contains simple step-by-step instructions for replacing self-signed certificate for vCenter Server with one issued by Microsoft Windows Server Certification Authority. It was written for some earlier versions but today I followed those steps for vCenter Server 4.0 running on Windows Server 2008 R2 and had no problems with these newer versions.

Also please note that the Technical Note paper is somewhat incorrect. “C:\Documents and Settings\All Users\Application Data” for Vista and newer OSes (including Windows Server 2008 and Windows Server 2008 R2) is not “C:\Users\All Users\Application Data” but “C:\ProgramData”. This is a hidden folder so you could not see it by default but can navigate there by typing exact path in the address bar of Windows Explorer.

Hope this helps.