Enable smart card authentication to prompt for smart card and PIN combination to log in to the ESXi DCUI.
Prerequisites
- Set up the infrastructure to handle smart card authentication, such as accounts in the Active Directory domain, smart card readers, and smart cards.
- Configure ESXi to join an Active Directory domain that supports smart card authentication. For more information, see Using Active Directory to Manage ESXi Users.
- Use the vSphere Client to add root certificates. See Certificate Management for ESXi Hosts.
Procedure
- Browse to the host in the vSphere Client inventory.
- Click Configure.
- Under System, select Authentication Services.
You see the current smart card authentication status and a list with imported certificates.
- In the Smart Card Authentication panel, click Edit.
- In the Edit Smart Card Authentication dialog box, select the Certificates page.
- Add trusted Certificate Authority (CA) certificates, for example, root and intermediary CA certificates.
Certificates must be in PEM format.
- Open the Smart Card Authentication page, select the Enable Smart Card Authentication check box, and click OK.