Hi,
I have a single ESXi free standalone host, and I would like to replace the self signed cert with a wildcard cert generated by my internal ADCS CA.
Can anyone tell me in simple terms how to complete this?
Cheers
Eds
vSphere doesn't support wildcard certs.
Ok understood. Kind of annoying but not the end of the world.
I have now created a FQDN cert request, but when importing the issed cert from ADCS, I get:
ERR_CERT_WEAK_SIGNATURE_ALGORITHM
I assume this is because it is SHA1? Is this something that ESXi controls when created the cert request or is it an ADCS setting that would need to be changed?
Thanks
Eds
You have signed the cert from your CA in SHA1 which won't work nor is it even a good idea because of its strength.
Sorry, I have just gone back over the guide I used to deploy my CA, and while the screenshot they included for the signing algorithm step said SHA1, they made a note that I missed to use 256 instead.
I will try to change my signing algorithm, and reissue my certificate.
Thanks
Yep, works fine after reissuing with SHA256.
Thanks
Eds