vmware esxi and ssl
December 15th, 2008 Posted in LinuxFor those of you using the free version of VMWare’s ESXi, you may have noticed that it generates a self-signed local cert. If you want to use your own ssl certificates, you can simply follow these quick steps.
- Enable SSH in ESXi by following the steps outlined here (don’t forget to reboot the server).
- Generate your ssl cert using openssl, or however else you want to do it. You need a .key and .crt file.
- Now scp your .key and .crt files to your esxihost and put them in the /etc/vmware/ssl directory
- Now cd to /etc/sfcb and edit sfcb.cfg. Change the rui.crt and rui.key references to reflect your cert files.
- run services.sh restart
That’s it. Now when you use VMWare INfrastructure Client to connect, you’ll be using your own custom certificates.
If you want to use the same cert for the web interface (I’m not certain why, since you can’t really do much from it, but hey) then you’ll need to do the following steps as well.
- cd to /etc/vmware/hostd/
- edit config.xml and change the references for rui.key and rui.crt to your own cert names.
- run services.sh restart again