The VMware Knowledge Base provides support solutions, error messages and troubleshooting guides
Search the VMware Knowledge Base (KB)
View by Article ID
Implementing CA signed SSL certificates with vSphere 5.1 (2034833)
Purpose
This article provides information on manually configuring Certificate Authority (CA) signed SSL certificates in a vSphere 5.1 environment. VMware has released a tool to automate much of the described process below. Please see Deploying and using the SSL Certificate Automation tool (2041600) before following the steps in the article.
In the case that you are unable to use the tool this article helps you eliminate common causes for problems during certificate implementation, including configuration steps and details, and helps avoid common misconfigurations in the implementation of custom certificates in your environment.
Configuring CA signed certificates is a challenge with vSphere as with any complex enterprise environment. Securing an environment is a requirement in many large organizations. You need either public certificates (such as Verisign or Globaltrust), Microsoft CA certificates, or OpenSSL CA certificates to ensure a secure communication.
This article provides steps to allow configuration of these certificates on vSphere components in an environment. The article also assumes that all components are installed and running already with self-signed certificates.
Please validate each step below. Each step provides instructions or a link to a document that provides information on configuring the certificates in your environment.
If your issue persists even after trying these steps:
Collect the custom certificate configuration information, including the OpenSSL configuration file (normally openssl.cfg), rui.key, rui.crt, and rui.csr.
File a support request with VMware Support, include the gathered information, and note this Knowledge Base article ID (2034833) in the problem description. For more information, see Filing a Support Request in My VMware (2006985).
