A VMware Endpoint Certificate Store (VECS) instance is included on each vCenter Server node. You can explore the different stores inside the VMware Endpoint Certificate Store from the vSphere Client, including machine SSL and trusted root certificates.

See VMware Endpoint Certificate Store Overview for details on the different stores inside VECS.

Prerequisites

For most management tasks, you must have the password for the administrator for the local domain account, [email protected] or a different domain if you changed the domain during installation.

Procedure

  1. Log in with the vSphere Client to the vCenter Server.
  2. Specify the user name and password for [email protected] or another member of the vCenter Single Sign-On Administrators group.
    If you specified a different domain during installation, log in as administrator@ mydomain.
  3. Navigate to the Certificate Management UI.
    1. From the Home menu, select Administration.
    2. Under Certificates, click Certificate Management.
  4. If the system prompts you, enter the credentials of your vCenter Server.
  5. Explore the certificates stored inside the VMware Endpoint Certificate Store (VECS).
    VMware Endpoint Certificate Store Overview explains what is in the individual stores.
  6. To view details for a certificate, select the certificate and click View Details.
  7. Use the Actions menu to renew or replace certificates.
    For example, if you replace the existing certificate, you can later remove the old root certificate. Remove certificates only if you are sure that they are no longer in use.