vCenter Server 7.0 has done some interesting things to help make certificate management easier. To start, the solution certificates are deprecated, being replaced under the hood with a less complex but equally secure method of connecting other products like vRealize Operations, vRealize Log Insight, etc.
- Login to vCenter
- Go to → Menu → Administration → Certificate Management
- From here we can perform those activities on certificates:
- Renew
- Import and Replace Certificate
- Generate Certificate Signing Request (CSR)
RENEW:
- Click RENEW
- The process will run in the background
- VC will be restarted automatically
IMPORT AND REPLACE CERTIFICATE:
There are three options:
- Replace with VMCA certificate
- Replace with external CA certificate where CSE is generated from vCenter Server (private key embedded) (this option changed with Update 2)
- Replace with external CA certificate (require a private key)
- Once you chose the option, click next and fill out the form
- Once happy with the choice, click REPLACE
- VC will restart automatically
GENERATE CERTIFICATE SIGNING REQUEST (CSR):
- Fill out the form and click NEXT
- Copy or download the CSR to provide it to your Certificate Authority to be signed
Visit my FB page: https://www.facebook.com/AngrySysOps
Subscribe to my YouTube channel: https://www.youtube.com/channel/UCRTcKGl0neismSRpDMK_M4A