I have a bit of script for the lazy people out there with 6.5. Make the changes to one config file and put it up on your network. Then make a login script to run:
mkdir C:\ProgramData\VMware\CIP\csd\ssl\backup\
move C:\ProgramData\VMware\CIP\csd\ssl\cert.der C:\ProgramData\VMware\CIP\csd\ssl\backup\
move C:\ProgramData\VMware\CIP\csd\ssl\cert.pem C:\ProgramData\VMware\CIP\csd\ssl\backup\
move C:\ProgramData\VMware\CIP\csd\ssl\server.pem C:\ProgramData\VMware\CIP\csd\ssl\backup\
move C:\ProgramData\VMware\CIP\csd\ssl\csd-openssl.cfg C:\ProgramData\VMware\CIP\csd\ssl\backup\
copy \\<networklocation>\csd-openssl.cfg C:\ProgramData\VMware\CIP\csd\ssl\csd-openssl.cfg
icacls.exe C:\ProgramData\VMware\CIP\csd\ssl\csd-openssl.cfg /inheritance:r /grant:r "LOCAL SERVICE":R /grant:r "SERVICE":R /grant:r "SYSTEM":F /grant:r *S-1-5-32-544:F
"C:\Program Files (x86)\VMware\Plug-in Service\openssl.exe" req -new -config C:\ProgramData\VMware\CIP\csd\ssl\csd-openssl.cfg -key C:\ProgramData\VMware\CIP\csd\ssl\key.pem -out C:\ProgramData\VMware\CIP\csd\ssl\server.csr
"C:\Program Files (x86)\VMware\Plug-in Service\openssl.exe" x509 -req -days 3650 -in C:\ProgramData\VMware\CIP\csd\ssl\server.csr -signkey C:\ProgramData\VMware\CIP\csd\ssl\key.pem -out C:\ProgramData\VMware\CIP\csd\ssl\cert.pem -extfile C:\ProgramData\VMware\CIP\csd\ssl\csd-openssl.cfg -extensions req_x509_extensions
copy /b C:\ProgramData\VMware\CIP\csd\ssl\cert.pem+C:\ProgramData\VMware\CIP\csd\ssl\key.pem C:\ProgramData\VMware\CIP\csd\ssl\server.pem
"C:\Program Files (x86)\VMware\Plug-in Service\openssl.exe" x509 -outform der -in C:\ProgramData\VMware\CIP\csd\ssl\cert.pem -out C:\ProgramData\VMware\CIP\csd\ssl\cert.der
certutil -delstore "root" vmware-plugin
certutil -addstore "root" C:\ProgramData\VMware\CIP\csd\ssl\cert.der
icacls C:\ProgramData\VMware\CIP\csd\ssl\cert.der /inheritance:r /grant:r "LOCAL SERVICE":R /grant:r "SERVICE":R /grant:r "SYSTEM":F /grant:r *S-1-5-32-544:F
icacls C:\ProgramData\VMware\CIP\csd\ssl\cert.pem /inheritance:r /grant:r "LOCAL SERVICE":R /grant:r "SERVICE":R /grant:r *S-1-5-11:R /grant:r "SYSTEM":F /grant:r *S-1-5-32-544:F
icacls C:\ProgramData\VMware\CIP\csd\ssl\server.pem /inheritance:r /grant:r "LOCAL SERVICE":R /grant:r "SERVICE":R /grant:r "SYSTEM":F /grant:r *S-1-5-32-544:F
net stop CipMsgProxyService
net start CipMsgProxyService