My delivery environment will need to utilise PKI issued certs to all components for VCF - including the ESXi hosts. I've tried to be creative one first couple of lab runs and bringup VCF4.3 management WLD in default certmgmt.mode 'vmca' and then later change it to 'custom', decommission-reimage-externalPKI-recommission the hosts back in. Whilst this doesn't then generate VSAN skyline health errors within the vCenter webconsole there's clearly still a problem - when I run the python prepare script to shut down the rig the same errors about local issuer certificate persist (and I got a nice PSOD on one host).

SOFTWARE ・ 1 DAY AGO