The ESX host generates certificates the first time the system is started. Under certain circumstances, you might be required to force the host to generate new certificates. You typically generate new certificates only if you change the host name or accidentally delete the certificate.

Each time you restart the vmware-hostd process, the mgmt-vmware script searches for existing certificate files (rui.crt and rui.key). If it cannot find them, it generates new certificate files.


In the directory /etc/vmware/ssl, back up any existing certificates by renaming them using the following commands.

mv rui.crt orig.rui.crt
mv rui.key orig.rui.key

If you are regenerating certificates because you accidentally deleted them, you are not required to rename them.


Use the following command to restart the vmware-hostd process.

service mgmt-vmware restart


Confirm that the ESX host successfully generated new certificates by using the following command and comparing the time stamps of the new certificate files with orig.rui.crt and orig.rui.key.

ls -la