By default, vSphere uses TLS/SSL certificates that are signed by VMCA (VMware Certificate Authority). These certificates are not trusted by end-user devices or browsers.
As a security best practice, replace at least all user-facing certificates with certificates that are signed by a third-party or enterprise Certificate Authority (CA). Certificates for machine-to-machine communication can remain VMCA-signed.
Decision ID | Design Decision | Design Justification | Design Implication |
---|---|---|---|
SDDC-VI-VC-046 | Replace the vCenter Server machine certificate and Platform Services Controller machine certificate with a certificate signed by a third-party Public Key Infrastructure. | Infrastructure administrators connect to both vCenter Server and the Platform Services Controller using a Web browser to perform configuration, management, and troubleshooting activities. Using the default certificate results in certificate warning messages. | Replacing and managing certificates is an operational overhead. |
SDDC-VI-VC-047 | Use a SHA-2 or higher algorithm when signing certificates. | The SHA-1 algorithm is considered less secure and has been deprecated. | Not all certificate authorities support SHA-2. |