usually vCenter generates the certificates for the connected ESXi hosts. This is done by the VMCA and can be triggered by the vCenter GUI => Browser to the ESXi Host -> System -> Configure -> Certificate -> Renew.
To generate a new ESXi Host certificate, which is used for https connections at TCP/443 and for the CIM service TCP/5989, a script is located in /sbin.
Continue reading ESXi: Generate a new selfsigned host certificate
Advertisment to support michlstechblog.info
this post describes the en- and decryption of a file with a asymmetric encryption algorithm.
Asymmetric encryption means you encrypt data by a public key and can only decrypt this data with a private key associated with the public key.
Continue reading OpenSSL: Asymmetric en- and decryption of a file
the VMware Workstation does not provide a program or script to generate a new pair of key and selfsigned certificate.
If’ve written a batch file which builds a new one. The scripts assumes that the Workstation is installed in the default folder C:\Program Files (x86)\VMware\VMware Workstation and uses the openssl command delivered with the program.
Adjust the Countryname, State, etc. to your own needs. Config is based on the VMware Docs.
Continue reading VMware Workstation: Generate a new selfsigned SSL/TLS certificate
in most Active Directory Enviroments the Certificate Enrollment is active which generates and enrolls a certificate for each client. This can be used for Radius authentication or as certificate for an IIS webserver.
Typically the client renews this certificate itself.
Continue reading Windows: Renew a machine certificate