You can use third-party applications to upload certificates and key. Applications that support HTTPS PUT operations work with the HTTPS interface that is included with ESXi.
Prerequisites
- If you want to use third-party CA-signed certificates, generate the certificate request, send it to the certificate authority, and store the certificates on each ESXi host.
- If necessary, enable the ESXi Shell or enable SSH traffic from the vSphere Client.
- All file transfers and other communications occur over a secure HTTPS session. The user who is used to authenticate the session must have the privilege on the host.
Note: Before you replace the certificates, update the
vCenter Server TRUSTED_ROOTS store. See
Update the vCenter Server TRUSTED_ROOTS Store (Custom Certificates).