Enable smart card authentication to prompt for smart card and PIN combination to log in to the ESXi DCUI.

Set up the infrastructure to handle smart card authentication, such as accounts in the Active Directory domain, smart card readers, and smart cards.

Configure ESXi to join an Active Directory domain that supports smart card authentication. For more information, see Using Active Directory to Manage ESXi Users.

Use the vSphere Web Client to add root certificates. See Certificate Management for ESXi Hosts.

1

In the vSphere Web Client, browse to the host.

2

Click the Manage tab and click Settings.

3

Under System, select Authentication Services.

You see the current smart card authentication status and a list with imported certificates.

4

In the Smart Card Authentication panel, click Edit.

5

In the Edit Smart Card Authentication dialog box, select the Certificates page.

6

Add trusted Certificate Authority (CA) certificates, for example, root and intermediary CA certificates.

7

Open the Smart Card Authentication page, select the Enable Smart Card Authentication check box, and click OK.