You can view the certificates known to the vCenter Certificate Authority (VMCA) to see whether active certificates are about to expire, to check on expired certificates, and to see the status of the root certificate. You perform all certificate management tasks using the certificate management CLIs.
You view certificates associated with the VMCA instance that is included with your embedded deployment or with the Platform Services Controller. Certificate information is replicated across instances of VMware Directory Service (vmdir).
When you attempt to view certificates in the vSphere Web Client, you are prompted for a user name and password. Specify the user name and password of a user with privileges for VMware Certificate Authority, that is, a user in the CAAdmins vCenter Single Sign-On group.
- Log in with the vSphere Web Client to vCenter Server as email@example.com or another user of the CAAdmins vCenter Single Sign-On group.
- From the Home menu, select Administration.
- Click .
- Click Nodes, and select a host under the Nodes list.
- Click the Manage tab, and click Certificate Authority.
- Click the certificate type for which you want to view certificate information.
Displays active certificates, including their validation information. The green Valid To icon changes when certificate expiration is approaching.
Displays the list of revoked certificates. Not supported in this release.
Lists expired certificates.
Displays the root certificates available to this instance of vCenter Certificate Authority.
- Select a certificate and click the Show Certificate Details button to view certificate details.
Details include the Subject Name, Issuer, Validity, and Algorithm.