Hi,
We are currently redesigning our internal vCenter servers, and we would therefor also be installing certificates on the vCenter, in order to bypass the browser certificate warning.
Over the past few years, we have had massive issues with using our own certificates, issued by our internal CA. Some have been due to human errors, but we have also been facing several bugs along the way, that have been fixed later on with an hotfix from VMware.
Our environment have several "external products" connecting (Veeam, SCOM, etc), that relies heavily on the certificate presented.
Im therefor considering rolling out the vCenters own CA, to our clients / servers, that manages and connects to VMware - hoping that we would see less certificate issues in the future.
How to download and install vCenter Server root certificates to avoid Web Browser certificate warnings (2108294) (vmware.com)
So what is the best practice, and what option would you recommend using (VMware built-in CA vs our own CA), based on your knowledge?
Thanks in advance