Replace Solution User Certificates with VMCA Certificates (Intermediate CA)

When you use VMCA as an intermediate CA, you can replace the solution user certificate explicitly. First you replace the VMCA root certificate on the vCenter Server, then you can replace the solution user certificate, which will be signed by the VMCA's new root. You can also use this option to replace solution certificates that are corrupt or about to expire.

Prerequisites

Restart all vCenter Server nodes explicitly if you replaced the VMCA root certificate in a deployment consisting of multiple instances of vCenter Server in Enhanced Linked Mode configuration.
You must know the following information to run Certificate Manager with this option.
- Password for [email protected]
- Host name or IP address of the vCenter Server system

Procedure

Start vSphere Certificate Manager and select option 6.
Respond to the prompts.
See the VMware knowledge base article at http://kb.vmware.com/kb/2112281 for more information.

Results

vSphere Certificate Manager replaces all solution user certificates.