VMware Cloud Community
tuftsVM
Contributor
Contributor

CA signed certs for vCenter 5.5 requirements

I’m in the process of upgrading vCenter 5.5 with CA signed certs. I'm using SSL certificates (SHA-2) from InCommon CA (Comodo), and they come with 1 root and 2 intermediate certs in the chain. (https://support.comodo.com/index.php?/Default/Knowledgebase/Article/View/991/0/incommonssl-sha-2)

From all guides I have read so far, they all talk about using using 1 root and 1 intermediate in the certificate chain.

Also, I found out that InCommon does strip the Data Encipherment in the Key Usage, although in the submitted CSRs the information was there. InCommon said that they no longer offer Data Encipherment, as well as the other CAs. From the VMware guide, Key Usage field in the certs should contain digital signature, key encipherment and data encipherment.

Does anyone know if data encipherment is a hard requirement for vcenter 5.5 certs? Also, does vcenter 5.5 support 1 root and 2 intermediates in the chain?

Thanks,

Peter

Reply
0 Kudos
0 Replies