Book Image

VMware vSphere 6.7 Cookbook - Fourth Edition

By : Abhilash G B
Book Image

VMware vSphere 6.7 Cookbook - Fourth Edition

By: Abhilash G B

Overview of this book

VMware vSphere is the most comprehensive core suite of SDDC solutions on the market. It helps transform data centers into simplified on-premises private cloud infrastructures. This edition of the book focuses on the latest version, vSphere 6.7. The books starts with chapters covering the greenfield deployment of vSphere 6.7 components and the upgrade of existing vSphere components to 6.7. You will then learn how to configure storage and network access for a vSphere environment. Get to grips with optimizing your vSphere environment for resource distribution and utilization using features such as DRS and DPM, along with enabling high availability for vSphere components using vSphere HA, VMware FT, and VCHA. Then, you will learn how to facilitate large-scale deployment of stateless/stateful ESXi hosts using Auto Deploy. Finally, you will explore how to upgrade/patch a vSphere environment using vSphere Update Manager, secure it using SSL certificates, and then monitor its performance with tools such as vSphere Performance Charts and esxtop. By the end of this book, you'll be well versed in the core functionalities of vSphere 6.7 and be able to effectively deploy, manage, secure, and monitor your environment.
Table of Contents (18 chapters)

Renewing ESXi certificates

As we mentioned at the start of this chapter, ESXi nodes also use SSL certificates to secure communication between them and external clients. ESXi will have an autogenerated Machine SSL certificate assigned to it during the first boot post-installation. However, when an ESXi is added to vCenter Server, it is assigned a new self-signed certificate by the VMCA. VMCA issued certificates can be renewed via the web client GUI.

You can also assign custom certificates to an ESXi host, but this is a tedious certificate replacement process as it has to be manually performed on each host.

The ESXi certificates are not stored in VECS; they are stored locally on each ESXi host in the /etc/vmware/ssl directory.

In this recipe, we will learn how to renew VMCA issued ESXi certificates.

...