→ Applies to: VMware ESXi 6.5 and above
Procedure with reboot
Step 1. Connect to VMware ESXi via SSH as root (replace <your_ip_address_or_hostname> with the correct ip)
ssh root@<your_ip_address_or_hostname>
Step 2. Move into the following directory
cd /etc/vmware/ssl
Step 3. Rename the existing certificate and key with these commands
mv rui.crt orig.rui.crtmv rui.key orig.rui.key
Step 4. Launch a file transfer software in order to transfer files on VMware ESXi host (e.g. WINSCP)
Step 5. Copy the new certificate and key into VMware SSL folder (Step 2)
IMPORTANT: make sure the new certificate and key have exactly the same names as the previous files
Step 6. Restart VMware ESXi host
Procedure without reboot
Step 1. Login to ESXi DCUI (Direct Console User Interface)
- From IPMI, open remote console
- From virtual keyboard, press CTRL+ALT+F2 (sometimes F2 only)
- Login with the correct root credentials
Step 2. Put the ESXi host in maintenance mode
Step 3. Connect to VMware ESXi via SSH as root (replace <your_ip_address_or_hostname> with the correct ip)
ssh root@<your_ip_address_or_hostname>
Step 4. Move into the following directory
cd /etc/vmware/ssl
Step 5. Rename the existing certificate and key with these commands
mv rui.crt orig.rui.crtmv rui.key orig.rui.key
Step 6. Launch a file transfer software in order to transfer files on VMware ESXi host (e.g. WINSCP)
Step 7. Copy the new certificate and key into VMware SSL folder (Step 4)
IMPORTANT: make sure the new certificate and key have exactly the same names as the previous files
Step 8. Enter “Troubleshooting Options” menu
Step 9. Select “Restart Management Agents”, press <Enter> and then F11
Step 10. Connect to VMware ESXi via SSH as root (replace <your_ip_address_or_hostname> with the correct ip)
ssh root@<your_ip_address_or_hostname>
Step 11. Restart services
services.sh restart
Step 12. Remove VMware ESXi host from maintenance mode