VMware Cloud Community
mtrohde
Enthusiast
Enthusiast
Jump to solution

VMware Certificate Authority and Enhanced Link Mode

We are trying to get SSL certs in place in our VMWare environment and while I am making progress its really painful.  In the past I had suggested we have vCenter be a subordinate certificate authority off our root CA like VMWare best practice.  That was shot down.  I am going to reopen that debate. 

One question I have is how does VMware Certificate Authority behave when you have multiple vCenters joined together in Enhanced Link Mode?  Am I going to have make each PSC its own Certificate Authority?

Thanks in advance for any insight

Reply
0 Kudos
1 Solution

Accepted Solutions
daphnissov
Immortal
Immortal
Jump to solution

No, VMCA is a function of the PSC which is replicated in a single topology with ELM. So a single VMCA per SSO domain is what gets created.

View solution in original post

2 Replies
daphnissov
Immortal
Immortal
Jump to solution

No, VMCA is a function of the PSC which is replicated in a single topology with ELM. So a single VMCA per SSO domain is what gets created.

mtrohde
Enthusiast
Enthusiast
Jump to solution

I thought it worked that way, always nice to have it confirmed.  Thank you!

Reply
0 Kudos