1. Have your sysadmin generate .pfx and .cer files for the machine you need to update.
2. Download openssl win 64-bit https://www.cloudinsidr.com/content/how-to-install-the-most-recent-version-of-openssl-on-windows-10-in-64-bit/
3. Right click and run openssl as admin in C:\Program Files\OpenSSL-Win64\bin
4. Get the key file by running the command: pkcs12 -in [yourfile.pfx] -nocerts -out [keyfile-encrypted.key]
5. Convert the key file to pem format by running the command: rsa -in [keyfile-encrypted.key] -outform PEM -out [keyfile-encrypted-pem.key]
6. Get the certificate out of the pfx by running the command: pkcs12 -in [yourfile.pfx] -clcerts -nokeys -out [certificate.crt]"
7. Add the newly created pem.key and .crt file in C:\Program Files\OpenSSL-Win64\bin, to the server you need to update via gui or winscp.
8. Go to the CMS SERVER
9. Put it into maintenance mode in the host area under actions
10. power off off all VM's
11. Enable SSL in the services tab
12. Exit lockdown mode in services
13. Use winscp and copy the pfx and crt files to the cd /etc/vmware/ssl directory
14. rename the old rui.crt and rui.key files so you have a copy
15. rename the crt and pfx files you uploaded to rui.crt and rui.key