Replacing ESXI SSL Certs
This is a follow on from replacing the PCS as trusted intermediate to your org CA Store. The next step is to update each ESXi host.
If you have done the previous post of SSL replacement then wait 24 hours before updating the ESXi hosts, due to a known issue, see
Setup Certificate Options
Log into vCenter and on the vCenter that manages the hosts, user Manage, Settings, Advanced Settings search for Certmgmt. Update the values for the certificate request as approipate, below shows before and after updating
Then on a ESXi host right click choose certificates, renew certificates
If you get the following error, wait for the newly created VMCA certificates done in the previous post to be 24 hours old
- If you have waited and do not see the error, then the certificate will be updated, the host may disconnect for a short while whilst the operation is done