Introduction
Installing certificates on ESXI is not that difficult, yet I wonder why they made it so cumbersome to do in the first place as it provides more secure communications for your hypervisor system…
Word of warning, be carefull when doing this, reverting is not that easy and can result in a non-accessible ESXI server!
What you need is the following:
- Minimally ESXI 6.5
- WinSCP
- Enable SSH on ESXI
- Your cerficate exported to PEM that includes your private key and your certificate
- Your friendly DNS name e.g. esxi.mydomain.com
How to
- Logon your esxi server
- Go to Host -> Actions -> Services -> Enable Secure Shell (SSH)
- Open WinSCP and connect to your esxi host using SSH
- In WinSCP browse to “/etc/vmware/ssl”
- Backup your current keys by renaming them rui.crt.bak and rui.key.bak
- Upload your personal certificate named exactly the same (rui.crt and rui.key)
- Restart your management services via SSH and the command “
sudo services.sh restart” to load in your new certificate - Browse to your friendly DNS name and check your validated certificate
- That’s it!
