Trust vCenter Root Certificates for Windows and Mac

Mindwatering Incorporated

Author: Tripp W Black

Created: 06/01 at 01:50 PM



Make a MS Windows workstation and a Mac workstation trust the vCenter certificates.

Part 1 - Download the certificates from vCenter
1. Navigate to the vCenter instance home page (no /ui)

2. On the right under the For Administrators box, click the last link/entry, Download trusted root CA certificates.
This downloads a file: ~/Downloads/

3. Extract/example the archive. This produces a certs folder. In the certs folder is a win, mac, and lin set of folders with the certificates.

4. Within the Mac and Win folders, remove the files with a "r". These are revocation list entries, in which we are not currently interested.
e.g. rm bdb0bff4.r1.crl

Part 2 - Add the certificates to the Mac and PC workstations
Although, there is a folder for Mac, the win folder will work just fine, since they already have the .crt extension.
1. Open the certificate with the Keychain Access, the "CA" entry will be added w/o any trust.
2. Double-click the CA entry, and change the "Not Trusted" to "Trusted" for "Secure Sockets Layer". Close the dialog and authenticate to add the change.

1. Right click each certificate, choose Install Certificate. Click Open.
2. In the Certificate Import Wizard, under Store Location, Current User. Click Next.
3. Select Place all certificates in the following store, if not already selected. Click the Browse button, and in the Select Certificate Store pop-up, choose Trusted Root Certificates Authorities. Click OK. Authenticate when prompted. Click OK to the complete noticed.

previous page