VAMI Certificate in SSL Hybrid Mode
August 09, 2019
When you’ve configured your vCenter Server Appliance to be a subordinate certificate authority, the VAMI interface at https://vcenter:5480 doesn’t use the new certificate, and it uses a self-signed certificate. In this post, I show you how to resolve this.
First, SSH into the vCSA and locate the certificate file you signed at your CA for the vCSA appliance, it should be named something like vmca.crt or vmca.cer.
Copy and rename that file:
cp vmca.cer /etc/applmgmt/appliance/vmca.crt
Open the configuration file:
Add this line at the bottom of the file:
ssl.ca-file = "/etc/applmgmt/appliance/vmca.crt"
Restart the HTTP service:
It should look like this if successful:
Now when you browse to the https://vcenter:5480, the certificate is valid and trusted.
Written by John Henriksson who lives and works in Sweden managing datacenters. You should connect with him on LinkedIn.