O'Reilly logo

VMware vSphere Troubleshooting by Muhammad Zeeshan Munir

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Replacing machine certificates

The HTTP reverse proxy service uses an SSL certificate on Platform Services Controllers (PSC) on all the management nodes and in embedded deployment. You need to provide the following information when replacing SSL certificates using vSphere Certificate Manager:

  • Administrator password of vSphere
  • Custom certificate authority file
  • Custom SSL certificate file
  • Custom SSL key file

A certificate must be in CRT format and x509 version 3. Its key size should be 2048 bits or more and it should be encoded in PEM format. The certificate's SubjectAltName should consist of DNS Name = Machine.FQDN. Further, it should also contain key usages digital signature, key encipherment, and non-repudiation:

  1. Go to the /usr/lib/vmware-vmca/bin ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required