Replace Certificate2023/02/22 |
Replace the auto generated certificate when ESXi installed to the one you got by yourself like from Let's Encrypt. |
|
In this example, we will replace it with the certificate obtained with Let's Encrypt.
Be careful when using Let's Encrypt certificates. |
|
[1] | Replace certificate. |
# certificate you got by yourself [root@ctrl:~] ll /tmp/*.pem -rw-r--r-- 1 root root 5591 Feb 22 02:14 /tmp/fullchain.pem -rw------- 1 root root 1704 Feb 22 02:14 /tmp/privkey.pem # switch system to the maintenance mode [root@ctrl:~] esxcli system maintenanceMode set --enable true [root@ctrl:~] esxcli system maintenanceMode get Enabled # replace certificate [root@ctrl:/tmp] cd /etc/vmware/ssl [root@ctrl:/etc/vmware/ssl] cp -p rui.crt rui.crt.orig [root@ctrl:/etc/vmware/ssl] cp -p rui.key rui.key.orig [root@ctrl:/etc/vmware/ssl] cp /tmp/fullchain.pem ./rui.crt [root@ctrl:/etc/vmware/ssl] cp /tmp/privkey.pem ./rui.key
# restart system [root@ctrl:/etc/vmware/ssl] esxcli system shutdown reboot --reason "Replacing Certificate"
# after restarting, unset maintenance mode [root@ctrl:~] esxcli system maintenanceMode set --enable false [root@ctrl:~] esxcli system maintenanceMode get Disabled |
[2] | Make sure the certificate warnings are not shown on VMware Host Client. (only for the case your certificate is valid one) |
Sponsored Link |
|