You can configure the Web proxy so that it searches for certificates in a location other than the default location. This is useful for companies that centralize their certificates on a single machine so that multiple hosts can use the certificates.

1

Log in to the service console and acquire root privileges.

2

Change to the /etc/vmware/hostd/ directory.

3

Use a text editor to open the proxy.xml file and find the following XML segment.

<ssl>
<!-- The server private key file -->
<privateKey>/etc/vmware/ssl/rui.key</privateKey>
<!-- The server side certificate file -->
<certificate>/etc/vmware/ssl/rui.crt</certificate>
</ssl>
4

Replace /etc/vmware/ssl/rui.key with the absolute path to the private key file that you received from your trusted certificate authority.

This path can be on the ESX host or on a centralized machine on which you store certificates and keys for your company.

Note

Leave the <privateKey> and </privateKey> XML tags in place.

5

Replace /etc/vmware/ssl/rui.crt with the absolute path to the certificate file that you received from your trusted certificate authority.

Caution

Do not delete the original rui.key and rui.crt files. The ESX host uses these files.

6

Save your changes and close the file.

7

Enter the following command to restart the vmware-hostd process.

service mgmt-vmware restart