The Single Sign-On certificate needs to be bound to the corresponding service in order for the neighboring services to trust the service and not prompt for verification. The default certificate is self-signed and not trusted by any remote machine.
In order to proceed, we require access to the directory that holds the certificate and private key that were generated as a result of the certificate request completed earlier. In our example, the certificates are located in the C:\Certificates\SSLTool\requests\<service name>
folder.
Ensure that the command prompt account has administrative access to the vCenter and local servers.
Perform the following steps:
Open a command prompt on the local vCenter server as an administrator.
Navigate to the location where VMware SSL Certificate Automation Tool has been installed (in our example,
C:\Certificates\SSLTool
).Run
ssl-updater.bat
.From the main menu, enter
3
to update Single Sign...