, ,

Installing the VMware vCenter Server root CA certificate

Are you seeing the below error when connecting to a vCenter server? If yes, it’s easy and simple to resolve this issue.

Your connection is not private

I’m on my local Windows OS machine using Chrome browser, so I’m going to install this locally. In a production environment with a larger deployment, best practice would be to install using the Active Directory Domain and Group Policy method plus possibly use a 3rd party SSL certificate. If interested in reading more, other options are covered and details are located in the official VMware KB:

How to download and install vCenter Server root certificates to avoid Web Browser certificate warnings (2108294) (vmware.com)

Looking closer to the issue in Chrome, I can see the cert issue

As I mentioned earlier, for ease of use, and because this is my lab environment with one or two machines, I’ll simply download and install the default cert on my local machine.

Ok, lets go!

Click proceed…past the warning page in Chrome…

At the “Getting Started” main web page of the vCenter Server, on the right hand side of the page is a link, right-click on “Download trusted root CA certificates”

Download the .zip package and save it somewhere safe and easy to access. Unzip, and go into the certs folder, then there will be three options depending on the OS…Linux, Mac, or Windows. I’m using Windows (Chrome) so I will click into that folder, and right-click on the .crt file

Then click on “Install Certificate”

Click past the security warning to open the file…and the Certificate Import Wizard will open. Select “Local Machine” then Next…

Select the “Place all certificates in the following store” radio button, and place them in the Trusted Root Certification Authorities folder.

Confirm and click Finish

Now let’s go back to my VCSA page, and we now see the lock icon, and the connection is now secure, yay!!

And that’s it…thanks for reading – please comment down below if any of this helped or if you have ever run across this issue.


Leave a Reply

Your email address will not be published. Required fields are marked *