• ESXi 6.0 SSL certificate replacement and management

    Note: As a prerequisite, the ESXi 6.0 server must have been a fresh install, and not an upgrade from a previous version.   ESXi CA certificates   If you are replacing your ESXi certificates with CA certificates, the best method is to make your VMCA a subordinate CA and allow it to sign certificates for the ESXi host. Please see directions here for making your VMCA a subordinate CA. I had received the error “Start Time Error” shown below. To resolve this I added the ESXi host to the domain, and added the VMCA certificate as a Trusted Publisher certificate […]

    Read more »
  • PreStaging SSL Certificates in vSphere 5.x. The quickest and easiest way to implement Custom certificates.

      PreStaging SSL Certificates   After endless troubleshooting sessions and implementing of CA certificates in customer environments I have decided to share what I feel is the easiest and most efficient way to implement custom certificates in vSphere 5.x. The method I am writing about is called Pre-Staging where you essentially take your CA certificates, place them in the correct service folder, and then install/reinstall the component. During installation, the installer recognizes pre existing certificates and the CA certificate that you staged will be used to install, register, and trust service(s) appropriately. This will work for Inventory Service, vCenter Server Service, […]

    Read more »

Back to Top