Bobcares

For every $500 you spend, we will provide you with a $500 credit on your account*

BLACK FRIDAY SPECIAL

*The maximum is $4000 in credits, Offer valid till December 6th, 2024, New Customers Only, Credit will be applied after purchase and expires after six (6) months

For every $500 you spend, we will provide you with a $500 credit on your account*

BLACK FRIDAY SPECIAL

*The maximum is $4000 in credits, Offer valid till December 6th, 2024, New Customers Only, Credit will be applied after purchase and expires after six (6) months

VMWare vCenter Self-Signed Certificate Warning – How to remove

by | Dec 16, 2020

VMWare vCenter Self-Signed Certificate Warning triggers when we connect to a VMWare vCenter server using a web-browser.

As part of our Server Management Services, we assist our customers with several vCenter server queries.

Today, let us focus on the warning and how our Support Engineers go about with it.

 

VMWare vCenter Self-Signed Certificate Warning

As we mentioned earlier we face this warning when we connect to a VMWare vCenter server using a web-browser.

In Firefox, we can disable it by adding a vCenter website to the list of exceptions. However, in Internet Explorer the procedure is more complicated.

Default SSL certificates with ESXi and vCenter servers is self-signed. Other systems do not trust them and show a warning or block the connection with these websites.

To disable the warning, we can add the self-signed certificate in the list of trusted certificates. Or we can replace it with our own one issued by a trusted certification authority.

Let us consider the first variant, the procedure is trivial, but there are some not quite obvious moments. Here’s how our Support Engineers go about this.

So, when we open a vCenter server webpage in the browser, a window with the following warning will appear:

Remove VMWare vCenter Self-Signed Certificate Warning

We encounter the warning “The security certificate presented by this website was issued for a different website’s address” since the host name is different from the CN name.

To download the certificate, click Download trusted root CA certificates.

We save the file to any directory. The name of the file is download (with no extension).

Then we change the extension of download to download.zip and extract it with the built-in archiver (Extract All):

VMWare vCenter Self-Signed Certificate Warning

The cert archive contains 2 files with the extensions .0 and .r0. Change the file extension .0 to .cer.

Add root CA certificate to trusted certificates:

Now we only have to add this root CA certificate to the list of trusted certificates.

Suppose, we want this certificate to be trusted only with the current account. Open certmgr.msc console, go to Certificates > Trusted Root Certification Authorities and open the certificate import wizard (Import):

VMWare vCenter Self-Signed Certificate Warning

We select the certificate file obtained earlier and place it to the Trusted Root Certification Authorities store.

Finally we submit adding the certificate.

A new certificate with the name CA appears in the list:

Add root CA certificate to trusted certificates

Open the vCenter webpage in the browser again. The warning will not appear.

Generally, these guidelines are applicable to vCenter Server Appliance. If we are using Windows vCenter Server, we can’t download the certificate file. There will be no link to download the archive with the certificate.

This file is on vCenter Server in C:\ProgramData\VMware\SSL\. We have to import the certificate from this directory on a client in the same way.

[Still stuck with the warning? We’d be happy to assist]

 

Conclusion

In short, removing VMWare vCenter Self-Signed Certificate Warning is a trivial procedure, but there are some not quite obvious moments. Today, we saw one of the easy methods suggested by our Experienced Server Admins.

PREVENT YOUR SERVER FROM CRASHING!

Never again lose customers to poor server speed! Let us help you.

Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.

GET STARTED

var google_conversion_label = "owonCMyG5nEQ0aD71QM";

0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *

Never again lose customers to poor
server speed! Let us help you.