This issue occurs if the self-signed SSL certificates are missing or are not updated after FQDN or Shortname change.
To resolve this issue, you must create a new self-signed certificate on the ESX or ESXi host.
To create a new self-signed certificate on the ESX or ESXi host:
- Run this command to navigate to the SSL folder:
cd /etc/vmware/ssl
- Run this command to create a folder named backup:
mkdir backup
- Run this command to move the existing SSL certificate files to the backup folder:
mv rui.* backup
- Restart the management agents on the ESX or ESXi host. This creates a new self-signed certificate. For more information, see Restarting the Management agents on an ESX or ESXi Server (1003490).
Note: In ESXi 3.5, ESXi 4.1 and 5.x, if the new self-signed certificates are not created after restarting the management agents, you may have to manually create the certificates. To create new self-signed certificates:
- Change to sbin directory
# cd /sbin/
- Run the generate-certificates.sh script to generate new certificates:
# ./generate-certificates.sh
For ESXi 5.x, use this command:# ./generate-certificatesFor ESXi 3.5: Run the create_certificates script to generate new certificates:# ./create_certificatesNote: For ESXi 3.5, restart the the management agents on the host to complete the process. For more information, see Restarting the Management agents on an ESX or ESXi Server (1003490).