Add Trusted Root Certificates for vCenter

Owned by Anthony Lai
Apr 25, 2024
2 min read

This article applies to JSDR software using vCenter 7.0 U2 and above.

Issue

When using vCenter 7.0US and above, the following certificates must be added to the vCenter trust root to validate the certificate used to sign the OVA.

image-20240425-171625.png
Example: OVA deployed without certificates:
image-20240425-171641.png
Example: Valid certificates applied.

Solution

  1. Download the following certificates from Sectigo to validate the JetDR OVA:
    (https://support.sectigo.com/articles/Knowledge/Sectigo-Intermediate-Certificates )

  • Sectigo Public Code Signing CA R36

  • SectigoPublicCodeSigningRootR46_AAA [ Cross Signed ]

  • AAA Certificate Services

  1. From the vSphere client, go to Menu > Administration > Certificate Management > Trusted root certificates and add each certificate.

  • Browse the certificate location and select the certificate.

  • Tick the checkbox to enable Start Root certificate push to vCenter Hosts.

  • Click the Add button.

  • Do this procedure for each of the three required certificates.

 

Â