Update SSL Certificate on ESXi Host (6.5):

Generate a New SSL Certificate:
Generate a new SSL certificate. You can use tools like OpenSSL to create a new certificate. Ensure that the Common Name (CN) matches the hostname or IP address of your ESXi host.

Copy Certificate Files to ESXi Host:
Copy the new certificate files (including the private key, public key, and any intermediate certificates) to your ESXi host. You can use SCP or a tool like WinSCP for this.

Access ESXi Host via SSH:
Enable SSH on the ESXi host if it's not already enabled.
Connect to the ESXi host using an SSH client (such as PuTTY).

Backup Existing Certificates:
Before making any changes, create a backup of the existing certificate files on the ESXi host for rollback purposes.

bash

cp /etc/vmware/ssl/rui.* /etc/vmware/ssl_backup/

Replace Existing Certificates:

Replace the existing certificate files with the new ones you copied.

bash

cp /path/to/new/certificate/rui.* /etc/vmware/ssl/

Restart Management Services:

Restart the management services to apply the changes.

bash

/etc/init.d/hostd restart
/etc/init.d/vpxa restart

Verify Certificate Update:
Verify that the new certificate is in use by accessing the ESXi host through a web browser and checking the SSL certificate details.

Update Certificate in vCenter Server:

Connect to vCenter Server:
Open the vSphere Client and log in to your vCenter Server.

Navigate to ESXi Host:
In the 'Hosts and Clusters' view, select the ESXi host you updated.

Check Certificate:
Confirm that the new SSL certificate is reflected in the host details.

Reconnect Host:
If needed, you may need to reconnect the host to vCenter to ensure that the new certificate is recognized.