ESXi

 View Only
  • 1.  (51192) SSL Certificate Cannot Be Trusted

    Posted Feb 28, 2020 12:06 AM

    I just got a Nessus violation on a ESXi host. The ironic thing is I only got it on one host and in vCenter I already did renew Certificate.  It did not appear to resolve it.   I looked at the Certificate on the box in vCenter and it looks fine.



  • 2.  RE: (51192) SSL Certificate Cannot Be Trusted

    Posted Feb 28, 2020 03:15 AM

    What is the certificate being presented by the host itself?



  • 3.  RE: (51192) SSL Certificate Cannot Be Trusted

    Posted Feb 28, 2020 08:55 PM



  • 4.  RE: (51192) SSL Certificate Cannot Be Trusted

    Broadcom Employee
    Posted Feb 29, 2020 08:27 AM

    That's a VMCA signed ceritificate and not a CA certificate which is why it shows not trusted. Why should that be trusted ? Replace with your Microsoft CA or any other CA to get it trusted .

    Make sure to have the vpxd.certmgmt.mode to custom when using custom certs .