The Platform Services Controller Administration documentation explains how the VMware® Platform Services Controller™ fits into your vSphere environment and helps you perform common tasks such as certificate management and vCenter Single Sign-On configuration.

Platform Services Controller Administration explains how you can set up authentication with vCenter Single Sign-On and how to manage certificates for vCenter Server and related services.

Table 1. Platform Services Controller Administration Highlights


Content Highlights

Getting Started with Platform Services Controller

  • vCenter Server and Platform Services Controller deployment models. NOTE: This information changes with each release of the product.

  • Platform Services Controller services on Linux and Windows.

  • Managing Platform Services Controller services.

  • Managing the Platform Services Controller appliance using VAMI.

vSphere Authentication with vCenter Single Sign-On

  • Architecture of the authentication process.

  • How to add identity sources so users in your domain can authenticate.

  • Two-factor authentication.

  • Managing users, groups, and policies.

vSphere Security Certificates

  • Certificate model, and options for replacing certificates.

  • Replace certificates from the UI (simple cases).

  • Replace certificates using the Certificate Manager utility.

  • Replace certificates using the CLI (complex situations).

  • Certificate management CLI reference.

Related Documentation

A companion document, vSphere Security, describes available security features and the measures that you can take to safeguard your environment from attack. That document also explains how you can set up permissions, and includes a reference to privileges.

In addition to these documents, VMware publishes a Hardening Guide for each release of vSphere, accessible at The Hardening Guide is a spreadsheet with entries for different potential security issues. It includes items for three different risk profiles.

Intended Audience

This information is intended for administrators who want to configure Platform Services Controller and associated services. The information is written for experienced Windows or Linux system administrators who are familiar with virtual machine technology and data center operations.

vSphere Web Client and vSphere Client

Task instructions in this guide are based on the vSphere Web Client. You can also perform most of the tasks in this guide by using the new vSphere Client, also called the HTML 5 client. The new vSphere Client user interface terminology, topology, and workflow are closely aligned with the same aspects and elements of the vSphere Web Client user interface. You can apply the vSphere Web Client instructions to the new vSphere Client unless otherwise instructed.


Not all functionality in the vSphere Web Client has been implemented for the vSphere Client in the vSphere 6.5 release. For an up-to-date list of unsupported functionality, see Functionality Updates for the vSphere Client Guide at