Public Key Infrastructure (PKI) is based on digital certificates used for encrypting or signing data. These digital certificates are known as X.509 certificates. A certificate can be thought of as a virtual ID card. In the real world, we use IDs, such as a passport or a driver's license, to prove our identities. The difference here is that certificates are not issued to people, but to computers or software packages.
PKI provides functions such as authenticating users, signing and distributing certificates, and managing and revoking certificates.
SSL certificates are used for establishing secure communication between vSphere components. By default, vSphere components use self-signed certificates and keys that are created during installation.
The main reason for replacing the self-signed SSL certificates with Certificate Authority (CA) signed certificates is to prevent or reduce the risk of man-in-the-middle attacks. A man-in-the-middle attack is where a valid system...
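The difference between the two kinds of certificate can be checked with the `openssl` command line. The following is an added example, not code from the original text or from VMware: it builds one self-signed certificate and one CA-signed certificate, then classifies each against a trusted CA. The host name `esxi01.example.test`, the CA name `Example Lab CA` and the function names are assumptions made for illustration, and every certificate is constructed at run time.

```shell
#!/bin/sh
# Added example. All names (esxi01.example.test, Example Lab CA) are constructed.

# Build sample certificates in directory $1: a self-signed one (the kind created
# by a default installation) and one for the same host signed by a lab CA.
make_samples() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=esxi01.example.test" \
        -keyout "$1/self.key" -out "$1/self.pem" 2>/dev/null &&
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Example Lab CA" \
        -keyout "$1/ca.key" -out "$1/ca.pem" 2>/dev/null &&
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=esxi01.example.test" \
        -keyout "$1/leaf.key" -out "$1/leaf.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/leaf.csr" -CA "$1/ca.pem" -CAkey "$1/ca.key" \
        -CAcreateserial -days 1 -out "$1/leaf.pem" 2>/dev/null
}

# Exit 0 if certificate $1 is self-signed: issuer equals subject AND the
# signature verifies with the certificate's own public key.
is_self_signed() {
    ss_subj=$(openssl x509 -in "$1" -noout -subject_hash) || return 2
    ss_iss=$(openssl x509 -in "$1" -noout -issuer_hash) || return 2
    [ "$ss_subj" = "$ss_iss" ] || return 1
    openssl verify -CAfile "$1" "$1" >/dev/null 2>&1
}

# Exit 0 if certificate $2 chains to the trusted CA certificate $1.
chains_to_ca() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# Print a one-word verdict for certificate $2 against trusted CA $1.
audit_cert() {
    if chains_to_ca "$1" "$2"; then echo "CA-SIGNED"
    elif is_self_signed "$2"; then echo "SELF-SIGNED"
    else echo "UNTRUSTED"
    fi
}

# Demo run on the constructed samples.
work=$(mktemp -d)
make_samples "$work"
echo "self.pem: $(audit_cert "$work/ca.pem" "$work/self.pem")"
echo "leaf.pem: $(audit_cert "$work/ca.pem" "$work/leaf.pem")"
rm -rf "$work"
```

A client that trusts only the CA rejects the self-signed certificate even though it carries the same host name, which is the check a self-signed deployment cannot offer.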