To prevent man-in-the-middle attacks and to fully use the security that certificates provide, certificate checking is enabled by default. You can verify that certificate checking is enabled in the vSphere Client.

Note

vCenter Server certificates are preserved across upgrades.

1

Log in to the vCenter Server system using the vSphere Client.

2

Select Administration > vCenter Server Settings.

3

Click SSL Settings in the left pane and verify that Check host certificates is selected.

4

If there are hosts that require manual validation, compare the thumbprints listed for the hosts to the thumbprints in the host console.

To obtain the host thumbprint, use the Direct Console User Interface (DCUI).

a

Log in to the direct console and press F2 to access the System Customization menu.

b

Select View Support Information.

The host thumbprint appears in the column on the right.

5

If the thumbprint matches, select the Verify check box next to the host.

Hosts that are not selected will be disconnected after you click OK.

6

Click OK.