Instead of the default step-by-step approach by using product user interface, you can manage the certificates of the management components in VMware Cloud Foundation in an automated way by running PowerShell commands.

To manage the certificates of the management components for the management domain or a VI workload domain, call the SDDC and VCF cmdlets that are available in the VMware.CloudFoundation.CertificateManagement module in PowerShell Gallery. You can perform the following certificate operations on the management components:

  • Configure SDDC Manager with a Microsoft or an OpenSSL certificate authority.
  • Request the certificate signing requests for a workload domain.
  • Request SDDC Manager to call the certificate authority to sign the certificates for a workload domain.
  • Replace the certificates for a workload domain with CA-signed ones.

If you want to read the documentation, provide feedback, report an issue with automation, or contribute to the VMware.CloudFoundation.CertificateManagement module, go to the VMware.CloudFoundation.CertificateManagement open-source project in Github.

Note: To manage ESXi host certificates, you use a separate set of PowerShell commands. See ESXi Certificate Management for VMware Cloud Foundation.