ESXi contains a host certificate that is used to encrypt traffic between itself and and endpoint such as its managing vCenter Server or a client machine when connecting to its web GUI. Occasionally, these certificates need to be renewed. 

ESXi 7.x 

ESXi 8.x

The host certificate is expiring soon.

Attempting to upgrade the host from ESXi 7.x to 8.x results in an error related to SHA-1 certificates. These certificates need to be replaced to adhere to the 8.x requirement which removes support for SHA-1. 

Log into the vSphere web client and navigate to the host whose certificate needs to be renewed. 

1. Click on the Configure tab
2. Click Certificate 
3. Click MANAGE WITH VMCA
4. Click Renew