Difference between revisions of "SSL - ESXi"

Revision as of 23:37, 24 September 2020

PIKEDOM.COM has some very good instructions.

The file you're replacing rui.crt with is either cert.pem or fullchain.pem (depending on whether you've set up with one or more than one domain in your certs.
The file you're replacing rui.key with is privkey.pem.
Both of the files from certbot may have a number attached to the end of the filename itself.

So...

SSH into the server...

You should be able directly install certs on your ESXi server thanks to vmWares bad habit of allowing SSH as root...

sudo scp /etc/letsencrypt/live/NAME.DOMAIN.TLD/fullchain.pem root@NAME.DOMAIN.TLD:/etc/vmware/ssl/rui.crt
sudo scp /etc/letsencrypt/live/NAME.DOMAIN.TLD/privkey.pem root@NAME.DOMAIN.TLD:/etc/vmware/ssl/rui.key
ssh root@NAME.DOMAIN.TLD /etc/init.d/rhttpproxy restart

Of course, you'll replace NAME.DOMAIN.TLD with the actual name of your server...

@@ Line 2: / Line 2: @@
 PIKEDOM.COM has some very good [https://pikedom.com/replace-self-signed-certificate-on-esxi-6-7-host/ instructions].
-Something to know if you got your certs from certbot:
+==== Something to know if you got your certs from certbot: ====
 *The file you're replacing <code>rui.crt</code> with is either <code>cert.pem</code> or <code>fullchain.pem</code> (depending on whether you've set up with one or more than one domain in your certs.
@@ Line 10: / Line 10: @@
 So...
-=== Loggin into the server to install ===
+===Loggin into the server to install===
 SSH into the server...