By default, the ESXi hosts are automatically provisioned with VMware Certificate Authority (VMCA) certificates when they are connected to vCenter Server. Set the host certificate mode on vCenter Server in Region B to support a custom certificate authority so that vCenter Server stops pushing VMCA certificates on to the ESXi hosts.

vCenter Server

ESXi Host

lax01m01vc01.lax01.rainpole.local

lax01m01esx01.lax01.rainpole.local

lax01m01esx02.lax01.rainpole.local

lax01m01esx03.lax01.rainpole.local

lax01m01esx03.lax01.rainpole.local

Procedure

  1. Log in to vCenter Server by using the vSphere Web Client.
    1. Open a Web browser and go to https://lax01m01vc01.lax01.rainpole.local/vsphere-client.
    2. Log in using the following credentials.

      Setting

      Value

      User name

      administrator@vsphere.local

      Password

      vsphere_admin_password

  2. Verify that all CA certificates from vCenter Server are updated on all hosts.
    1. In the Navigator, under Hosts and Cluster, select lax01m01esx01.lax01.rainpole.local, and click the Configure tab.
    2. Under System, select Certificate and click Refresh CA Certificates.
    3. Repeat the steps for the management ESXi hosts that are controlled by the Management vCenter Server lax01m01vc01.lax01.rainpole.local.
  3. Change the certificate mode for the ESXi hosts in the management cluster to custom.
    1. In the Navigator, under Hosts and Cluster, select lax01m01vc01.lax01.rainpole.local, and click the Configure tab.
    2. Under Settings, click Advanced Settings and click Edit.
    3. In the filter box, enter certmgmt and press Enter to view only certificate management properties.
    4. Change the value of the vpxd.certmgmt.mode property to custom and click OK.
  4. Restart the vCenter Server Appliance to apply the changes.
    1. Open a Web browser and go to https://lax01m01vc01.lax01.rainpole.local:5480
    2. Log in using the following credentials.

      Settings

      Values

      User name

      root

      Password

      mgmt_vc_server_password

    3. Click Reboot to restart the vCenter Server Appliance.