How to Create a Microsoft Certificate Authority Template for SSL certificate creation in vSphere 6.x & 7.x

In this article we are going to learn how to configure Microsoft Certificate Authority (CA) templates for use with custom SSL certificate implementation in vSphere 6.x/7.x.

Connect to the CA server from which you will generate the certificates, using an RDP session (mstsc).

Click Start > Run, type certtmpl.msc, and click OK.

In the Certificate Template Console, under Template Display Name, right-click Web Server and click Duplicate Template.

In the Duplicate Template window, select Windows Server 2003 Enterprise for backward compatibility.

Note: If your CA uses a hash algorithm stronger than SHA1, select Windows Server 2008 Enterprise.

Click the General tab and, in the Template display name field, enter VMware (or any name you prefer) as the name of the new template.

Click on the Extensions tab.

  1. Select Application Policies and click Edit.
  2. Select Server Authentication and click Remove, then OK.

Note: If Client Authentication exists, remove this from Application Policies as well.

Select Key Usage and click Edit.

  1. Select the Signature is proof of origin (non repudiation) option. Leave all other options as default.
  2. Click OK.

Click the Subject Name tab.

  1. Ensure that the Supply in the request option is selected.
  2. Click OK to save the template.

Now let's proceed with adding the new template to Certificate Templates, which makes the newly created certificate template available.

Click Start > Run, type certsrv.msc, and click OK.

In the left pane of the Certificate Console, if collapsed, expand the node by clicking the + icon.

Right-click Certificate Templates and click New > Certificate Template to Issue.

Locate VMware under the Name column and click OK.

Now we have successfully added the VMware CA template to the Certificate Templates.
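To confirm that the template ended up with the settings chosen above, it can be read back from Active Directory. The following PowerShell is an added example, not part of the original article or the VMware KB. It assumes the template's internal name is "VMware" (the same as the display name used here) and that it is run on the CA server by an account that can read the Configuration partition.

```powershell
# Added example: read the duplicated template back from AD and check the
# settings made in the steps above, then confirm the CA is issuing it.
# Assumption: the template's internal name (CN) is "VMware".
$TemplateName = 'VMware'

# Certificate templates live in the forest's Configuration partition.
$configNC = [string]([ADSI]'LDAP://RootDSE').psbase.Properties['configurationNamingContext'].Value
$dn = "CN=$TemplateName,CN=Certificate Templates,CN=Public Key Services,CN=Services,$configNC"
if (-not [ADSI]::Exists("LDAP://$dn")) {
    throw "Template '$TemplateName' was not found in Active Directory."
}
$p = ([ADSI]"LDAP://$dn").psbase.Properties

# Application Policies are stored as OIDs in these two attributes.
$eku = @($p['pKIExtendedKeyUsage']) + @($p['msPKI-Certificate-Application-Policy'])

# pKIKeyUsage is a bit string; in its first byte 0x80 = digital signature,
# 0x40 = non repudiation, 0x20 = key encipherment.
$kuBytes = [byte[]]$p['pKIKeyUsage'].Value
if (-not $kuBytes) { throw "Template '$TemplateName' has no pKIKeyUsage value." }
$kuByte = $kuBytes[0]

# Bit 0x1 of msPKI-Certificate-Name-Flag means "Supply in the request".
$nameFlag = [int]$p['msPKI-Certificate-Name-Flag'].Value

# certutil -CATemplates lists the templates the local CA is configured to issue,
# one per line in the form "<name>: <display name> -- ...".
$pattern   = '^{0}:' -f [regex]::Escape($TemplateName)
$published = [bool]((certutil -CATemplates) -match $pattern)

[pscustomobject]@{
    Template                 = $TemplateName
    ServerAuthRemoved        = $eku -notcontains '1.3.6.1.5.5.7.3.1'
    ClientAuthRemoved        = $eku -notcontains '1.3.6.1.5.5.7.3.2'
    NonRepudiationSet        = [bool]($kuByte -band 0x40)
    SubjectSuppliedInRequest = [bool]($nameFlag -band 0x1)
    PublishedOnThisCA        = $published
}
```

Every property in the output should be True once both procedures in this article have been completed.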

Reference: https://kb.vmware.com/s/article/2112009
