Today, I changed the IP address of my VMware vCenter Server Appliance and was greeted by a SSL certificate verification failed error message after I tried to login to the vSphere web-client on the new IP address.
Apparently, the VCSA does not regenerate a new SSL certificate automatically after you changed the IP address and/or hostname.
In order to generate a new SSL certificate and automatically generate new certificates, if needed, follow the steps below:
- Login to your VCSA Console (https://vcsa:5480)
- Go to the Admin-Tab, set Certificate regeneration enabled to Yes and Save setting.
This will make sure a new SSL certificate will be generated every time you reboot your VCSA instance. - Last, go to the System-Tab and Reboot the VCSA instance to get a new certificate generated.Note: Rebooting VCSA can take up to 10 minutes.
- Once the VCSA is back up and all services are started, you can login to the vSphere web-client. The SSL certificate error should no longer be present.