Hi,
This is a test lab setup.
I have been trying this for sometime but it does not seem to be working as I understand it. I'm trying to get the VCSA to become a subordinate CA to sign certificate for ESXi hosts in its cluster.
The issue where I am lost if the use certificate chain, Subordinate certificate, and VMCA, for the the certificate chain not sure where to get the subordinate certificate from, as for the VMCA, not able to understand whether it will become a Subordinate CA after adding the chain or how.
I have tried form here : https://blogs.vmware.com/vsphere/2015/07/custom-certificate-on-the-outside-vmware-ca-vmca-on-the-ins...
Thus if anyone could guide me right.
My set up is I have a windows AD server with ADCS that is acting as a Root CA, I want the VCSA to act as a Subordinate CA for ESXi hosts (when I access the ESXi hosts via browser their certificates show as not secure, as far as I have reached when I access VCSA via vSphere it shows as secure).
Thank You