ESXi: Install a custom certificate


Hi,

these are the steps to install own certificates on an ESXi host.

Switch the hosts into maintenance mode and remove it from the cluster.

Append your root and intermediate certificate (merge it before into one file), the fullchain, to castore.pem

~ # cp /etc/vmware/ssl/castore.pem /etc/vmware/ssl/castore.pem.`date +\%Y\%m\%d-\%H\%M`
~ # cat myFullChain >> /etc/vmware/ssl/castore.pem 

Then replace the certificate /etc/vmware/ssl/rui.crt and the the associated key /etc/vmware/ssl/rui.key with the new ones.

and write the new config to the system disk by running the auto-backup script.

~ # /sbin/auto-backup.sh

Then reboot the ESXi host an put it back into the cluster.

Michael

Leave a Reply Cancel reply