Obtain Certificates Using the vSphere Web Client

Use the vSphere Web Client to obtain certificates, so you don’t have to install another client on your development workstation. You can download the VMware Certificate Authority root and leaf certificates and then add them to the operating system root store of the system from which you are connecting to the vCenter Server system.

1. From a client system Web browser, go to the URL of the vCenter Server system or the vCenter Server Virtual Appliance.
2. Click the Download trusted root CA certificates link at the bottom of the grey box on the right and download the file.
3. Change the extension of the file to .zip.
4. The file is a ZIP file of all root certificates and all CRLs in the VMware Endpoint Certificate Store (VECS).
5. Extract the contents of the ZIP file.
6. The result is a .certs folder that contains two types of files. Files with a number as the extension (.0, .1, and so on) are root certificates. Files with an extension that starts with an r (.r0,. r1, and so on) are CRL files associated with a certificate.
7. Install the certificate files as trusted certificates by following the process that is appropriate for your operating system.
   Firefox has its own trusted roots store and does not use the operating system store. If you are working with Firefox, download the certificate as described above, and then select Tools > Options, click Advanced, and click Certificates to import the certificate into Firefox.