The offline method of updating the vCenter server appliance is useful for the enviroments which does not have direct internet to avoid security risk and also to update the vCenter where the update fails when using the VAMI page. It’s very important that we may need to update or patch these environments to protect them from vulnerabilities.
How to download the patch iso?
We can download the patch from the VMware product patches page.
Once you reach the VMware product patches page, Select VC from the drop-down Menu VC -> Select the version of your vCenter 6.5, 6.7 or 7.0. Download the patch that is the latest in the list for the version of the vCenter that you are using.
Note: when downloading the iso make sure that the tag FP on the iso, when you want to patch the vCenter server. (Refer the image below)
Important: You only need the latest patch because the updates are cumulative, which contains all the patches.
After downloading the iso from the Product Patches page.
Now connect to your vSphere Client and upload this ISO to a data store which is accessible vCenter server appliance. Then select the vCenter server appliance VM and connect the ISO to the VM and select the option connected.
Please connect take an SSH session (PuTTY for example)of the vCenter appliance using the root account and follow the below steps,
software-packages stage --iso --acceptEula
software-packages list --staged
software-packages install --staged
This method is very useful where you can stage the patches prior to the update to reduce downtime.
Also, VMware patch does not require a reboot. You can confirm if the reboot is required or not from the release notes of the particular patch.