VMware Cloud Community
dcoz
Hot Shot
Hot Shot
‎09-12-2017 03:54 AM

replace vcsa 6.5 SSL certs with custom Certs

Hi Guys,

I have replaced the machine and Solution user certs on the 6.5 VCSA.
Everything looks like it is working as it should. I can see the solution user certs signed by the VMCA root cert, but should i see the custom signed certs in the active certs list as well?

Thanks

DC

0 Kudos
4 Replies
vasan22in
Enthusiast
Enthusiast
‎09-12-2017 05:38 AM

Hello,

Refer the below link for custom cert implementation.

Replacing a vSphere 6.x Machine SSL certificate with a Custom Certificate Authority Signed Certifica...

Please consider marking this answer "correct" or "helpful" if you think your query have been answered correctly. Thanks, Srini
0 Kudos
nparas5
Enthusiast
Enthusiast
‎09-12-2017 07:57 AM

Very Simple, you only need to Provide the CSR file from vcenter appliance to the authority who manages PKI Infrastructure in your environment, they will generate a certificate for you and you can import the certificate .

This will work .

0 Kudos
dcoz
Hot Shot
Hot Shot
‎09-12-2017 01:54 PM

thanks for the replies. I just want to clarify. I have successfully replaced the machine and solution user certs.

When I look at the certificate store on the vcsa through the cli I see the internally generated certs. what I am not seeing is those certs in the web client ui. Is this expected?

thanks

0 Kudos
dcoz
Hot Shot
Hot Shot
‎09-14-2017 05:49 AM

found the issue was no an issue.

I simply went to https://<server name>/psc and I was able to see the custom certs in the store. I was also able to cange them from there also.

0 Kudos