vCenter

  • 1.  What are vCenter certificates used for?

    Posted Jan 02, 2024 08:31 AM

    First of all, happy new year, everyone!! :)

    I have a question for the new year.

    What are the Machine_SSL, STS, and ROOT CA certificates that I can see in the vCenter Web UI used for?

    What happens when they expire or are missing?

    I want to make sure I know exactly what these certificates do!



  • 2.  RE: What are vCenter certificates used for?

    Posted Jan 02, 2024 10:49 AM

    Hello,


    Trying to make it very simple (even too simple): they are needed because, within a vSphere infrastructure, communications between/with the various software components that compose it are made secure using "certificates". Keeping it simple, when a certificate expires, i.e. it is no longer valid, communications are rejected and things start to no longer work as they should.


    A good reference that might answer your question can be found here:
    https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-authentication/GUID-3AF7757E-A30E-4EEC-8A41-28DA72102520.html


    Regards,
    Ferdinando



  • 3.  RE: What are vCenter certificates used for?

    Broadcom Employee
    Posted Jan 04, 2024 04:02 PM

    What are the Machine_SSL, STS, and ROOT CA certificates that I can see in the vCenter Web UI used for?

    Machine_SSL - Works on port 443. When you open the UI of vCenter, it uses the Machine_SSL cert
    STS - Secure Token Service, used to sign the internal tokens for authentication
    Root CA - Certificate Authority, which is the signing cert / root cert

    What happens when they expire or are missing?

    The services would fail and would not be able to access the server.
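
Added example, not part of the thread: a shell check for the expiry behaviour discussed above, applied to the certificate an endpoint serves on port 443 (Machine_SSL, per the last answer; the STS and root CA certificates are not covered by it). It assumes the `openssl` CLI is installed; the function names, the 30-day warning threshold and the host `vcenter.example.test` are hypothetical.

```shell
#!/usr/bin/env bash
# Added example (not from the thread). Assumes the openssl CLI is available.

# fetch_cert HOST [PORT]: print the PEM certificate the endpoint serves.
fetch_cert() {
    local host="$1" port="${2:-443}"
    openssl s_client -connect "${host}:${port}" -servername "${host}" \
        </dev/null 2>/dev/null | openssl x509 -outform PEM
}

# cert_status PEM_FILE [WARN_DAYS]: print unreadable | expired | expiring | ok.
cert_status() {
    local pem="$1" warn_days="${2:-30}"
    # Reject anything that does not parse as a certificate before judging dates.
    if ! openssl x509 -in "$pem" -noout >/dev/null 2>&1; then
        echo "unreadable"; return 2
    fi
    # -checkend N exits non-zero when the certificate expires within N seconds.
    if ! openssl x509 -in "$pem" -noout -checkend 0 >/dev/null 2>&1; then
        echo "expired"; return 1
    fi
    if ! openssl x509 -in "$pem" -noout -checkend $((warn_days * 86400)) >/dev/null 2>&1; then
        echo "expiring"
    else
        echo "ok"
    fi
}

# make_sample_cert OUT_PEM DAYS: constructed self-signed test input.
make_sample_cert() {
    openssl req -x509 -newkey rsa:2048 -nodes -subj "/CN=vcenter.example.test" \
        -days "$2" -keyout "$1.key" -out "$1" 2>/dev/null
}

# Usage: ./certcheck.sh --host vcenter.example.test   (hypothetical host name)
if [ "${1:-}" = "--host" ] && [ -n "${2:-}" ]; then
    tmp=$(mktemp)
    fetch_cert "$2" 443 > "$tmp"
    echo "$2:443 -> $(cert_status "$tmp" 30)"
    openssl x509 -in "$tmp" -noout -enddate 2>/dev/null
    rm -f "$tmp"
fi
```

Run on a schedule, an `expiring` result gives time to renew before clients start rejecting the connection.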