Replacing the vCenter 5.5 Certificate using Microsoft Certificate Services – Part 1

KB ID 0001076 

This article is from long time site supporter: Daniel Newton


Assuming you have a Windows PKI (Certificate Services) and want to replace the self signed certificates in vCenter.


1. Firstly, Open the Certification Authority on the PKI Server.

cert services

2. Then duplicate the “Web Server Template”</p?

duplicate template

3. Give the certificate a sensible name.

duplicate template

4. Now click on the “Extensions” tab and under “Application Policies” and add Client Authentication.

duplicate template

5. Now, you would need to click on the “Key Usage” link and click Edit.

duplicate template

6. In this section, select the following settings in the picture.

duplicate template

7. In the Request Handling Tab, You would need to allow the private key to be exported.

duplicate template

8. Now that’s the certificate sorted, now you would need to issue it. So, go back into the main certificate authority page, right click on Certificate Templates, and then go to “New” and then “New Certificate to Issue”.

duplicate template

9. Now select the vCenter Certificate that you created earlier and then click OK.

duplicate template

10. Now, you can issue new certificates using this template! Keep your eyes Peeled for Part 2 on how to generate certificate requests using the Certificate Automation Tool!</p?


Related Articles, References, Credits, or External Links


Author: Migrated

Share This Post On