vCenter Shows alarm for "ESXi Certificate Mode 'thumbprint' is deprecated"
search cancel

vCenter Shows alarm for "ESXi Certificate Mode 'thumbprint' is deprecated"

book

Article ID: 427041

calendar_today

Updated On:

Products

VMware vCenter Server

Issue/Introduction

  • Alarm in vCenter is triggered stating: 
    ESXi Certificate Mode 'thumbprint' is deprecated
  • Checking vpxd.certmgmt in advanced settings of the vCenter Server it shows "thumbprint"

Environment

VMware vCenter Server 8.x

Cause

  • vpxd.certmgmt in advanced settings of the vCenter Server is set to "thumbprint"
  • This bypasses ESXi SSL certificate checks and is usually used for troubleshooting purposes 

Resolution

  1. In the vSphere Client, select the vCenter Server system that manages the hosts.
  2. Click Configure, and under Settings, click Advanced Settings.
  3. Click Edit Settings.
  4. Click the Filter icon in the Name column, and in the Filter box, enter vpxd.certmgmt to display only certificate management parameters.
  5. Change the value of vpxd.certmgmt.mode to vmca and click Save.
    • Change value to custom if external CA certificates are issued on ESXi 
  6. Reset the alarm to green 

Additional Information

Powered by Wolken Software