KB ID 0001076
This article is from long time site supporter: Daniel Newton
Assuming you have a Windows PKI (Certificate Services) and want to replace the self signed certificates in vCenter.
1. Firstly, Open the Certification Authority on the PKI Server.
2. Then duplicate the “Web Server Template”</p?
3. Give the certificate a sensible name.
4. Now click on the “Extensions” tab and under “Application Policies” and add Client Authentication.
5. Now, you would need to click on the “Key Usage” link and click Edit.
6. In this section, select the following settings in the picture.
7. In the Request Handling Tab, You would need to allow the private key to be exported.
8. Now that’s the certificate sorted, now you would need to issue it. So, go back into the main certificate authority page, right click on Certificate Templates, and then go to “New” and then “New Certificate to Issue”.
9. Now select the vCenter Certificate that you created earlier and then click OK.
10. Now, you can issue new certificates using this template! Keep your eyes Peeled for Part 2 on how to generate certificate requests using the Certificate Automation Tool!</p?
Related Articles, References, Credits, or External Links