Knowledge Base

The VMware Knowledge Base provides support solutions, error messages and troubleshooting guides
Search the VMware Knowledge Base (KB)   View by Article ID

Determining the expiry period of default SSL certificates of vCenter Server and ESX/ESXi (2015600)


This article provides steps to find the expiry period of the default SSL certificates of vCenter Server and ESX and ESXi.


The default SSL certificates of vCenter Server are valid for 10 years and that of ESX/ESXi 4.x/5.x are valid for a period of 11.5 years.

To check the expiry date of SSL certificates on vCenter Server:
  1. Open the vSphere Client and connect to the vCenter Server and log in.
  2. In the Security Warning dialog, click View Certificate and check the Valid from mm/dd/yy to mm/dd/yy field for the expiry information.
  3. Click OK.
  4. Click Ignore to complete log in.
To check the expiry date in ESX/ESXi:
  1. Log in to an ESX host as the root user.

  2. Run this command:

    openssl x509 -noout -in /etc/vmware/ssl/rui.crt -enddate

    You see an output similar to:

    # openssl x509 -noout -in /etc/vmware/ssl/rui.crt -enddate
    notAfter=Aug 24 21:48:47 2023 GMT

See Also

Request a Product Feature

To request a new product feature or to provide feedback on a VMware product, please visit the Request a Product Feature page.


  • 0 Ratings

Did this article help you?
This article resolved my issue.
This article did not resolve my issue.
This article helped but additional information was required to resolve my issue.
What can we do to improve this information? (4000 or fewer characters)
  • 0 Ratings