hi,
I am trying to replace the root certificate of the VMCA with a subca certificate of our Microsoft Windows CA.
Using the certificate manager on our vcenter server appliance (PSC is embedded):
- /usr/lib/vmware-vmca/bin/certificate-manager
- choose option 2 (Replace VMCA Root Certificate...)
- Using configuration file: Yes
Then it starts asking me for detail information like country, company name and so on. I enter all the information and let it generate the request.
The problem is that it doesn't care what I enter. It always creates a request with the default values:
CN = CA
OU = VMware
O = %hostname%
S = California
DC = local
DC = vsphere
C = US
The only thing it actually changes is the hostname and the resulting certificate obviously also contains the wrong data.
I tried modifying the configuration file and restarting the process. It showed me the correct presets from the config file (country, company name etc were all displayed correctly) but the resulting request still looked like the one above.
What's my mistake?
We are running vSphere 6.5 Update 1.
Thanks,
Steffen