Generate new ESXi host certificates

This is a very straightforward and well-known method to replace esx certificates and if it works then well and good.

Establish an ssh session to the esx host and navigate to /etc/vmware/ssl directory

The two files we are interested are rui.crt and rui.key – The cert and key file

[root@sfo01-m01-esx02:~] ls -ltr /etc/vmware/ssl/rui*
-r——– 1 root root 1704 Apr 21 17:23 /etc/vmware/ssl/rui.key
-rw-r–r– 1 root root 1411 Apr 21 17:23 /etc/vmware/ssl/rui.crt
[root@sfo01-m01-esx02:~]

I’m just to back up the cert and key file just in case if it’s needed

[root@sfo01-m01-esx02:/etc/vmware/ssl] cp -a rui.* /cert-backup/
[root@sfo01-m01-esx02:/etc/vmware/ssl] ls -l /cert-backup/
total 8
-rw-r–r– 1 root root 1411 Apr 21 17:23 rui.crt
-r——– 1 root root 1704 Apr 21 17:23 rui.key

To regenerate new certificate on esx, just run the command as shown

/sbin/generate-certificates

Restart hostd and vpxa services by executing the following command:

/etc/init.d/hostd restart && /etc/init.d/vpxa restart

Restart the host

reboot

(Visited 175 times, 1 visits today)

Generate new ESXi host certificates

By Ash Thomas

Leave a Reply Cancel reply

vCSA: /storage/archive partition full

Upgrade ESXi Using Offline Bundle

Repointing vCenter Server to another SSO Domain

Remove vCenter from Enhanced Mode

vCSA Services not Starting as Services are Masked

Remove an Inaccesible or stuck NFS datastore from vCenter vPostgres Database

Part 1 – Deploy vCloud Director 10.X

vCSA: /storage/log partition full

How to Set Up and Configure Failover Cluster On Windows Server 2022

Part 1- Enable High Availability (vCHA) in vCenter 7

Chinchu A Thomas

Ash Thomas