New-VIMachineCertificateSigningRequest Command | Vmware PowerCLI Reference

New-VIMachineCertificateSigningRequest

This cmdlet generates a new Certificate Signing Request (CSR) for a vCenter Server system or an ESXi host.By default, this cmdlet generates a CSR for a vCenter Server system. If you want to generate a CSR for an ESXi host, you can use the VMHost parameter.This cmdlet requires a connection to a vCenter Server system through the Connect-VIServer cmdlet.

Syntax

New-VIMachineCertificateSigningRequest
-Country < String >
-Email < String >
-Locality < String >
-Organization < String >
-OrganizationUnit < String >
-StateOrProvince < String >
[-CommonName < String > ]
[-KeySize < UInt32 > ]
[-ProgressAction < ActionPreference > ]
[-Server < VIServer > ]
[-SubjectAltName < String[] > ]
[CommonParameters]

Parameters

Required Parameter Name Type Position Features Description
required
Country String named
Provides input for the country field. You must use the two-letter ISO 3166-1 alpha-2 code for the country where your organization is located. For example, US, GB, IN, and so on.
required
Email String named
Provides input for the email field.
required
Locality String named
Provides input for the locality field.
required
Organization String named
Provides input for the organization field.
required
OrganizationUnit String named
Provides input for the organization unit field.
required
StateOrProvince String named
Provides input for the state or province field.
optional CommonName String named
Specifies a common name for the certificate. In the case of a CSR for ESXi, you must use either the ESXi host's FQDN or IP address. The common name must match the identifier you use to add the host to the vCenter Server system. If not specified, the PNID of the vCenter Server system or the FQDN of the ESXi host is the common name.
optional KeySize UInt32 named
Specifies the size of the certificate private key. If not used, the default is 2048 bits.
optional ProgressAction ActionPreference named
optional Server VIServer named
optional SubjectAltName String[] named
Specifies domain names and IP addresses (in addition to the vCenter Server host name) that you want to secure with the certificate.
New-VIMachineCertificateSigningRequest
-CommonName < String >
-Country < String >
-Locality < String >
-Organization < String >
-OrganizationUnit < String >
-StateOrProvince < String >
-VMHost < VMHost >
[-ProgressAction < ActionPreference > ]
[-Server < VIServer > ]
[CommonParameters]

Parameters

Required Parameter Name Type Position Features Description
required
CommonName String named
Specifies a common name for the certificate. In the case of a CSR for ESXi, you must use either the ESXi host's FQDN or IP address. The common name must match the identifier you use to add the host to the vCenter Server system. If not specified, the PNID of the vCenter Server system or the FQDN of the ESXi host is the common name.
required
Country String named
Provides input for the country field. You must use the two-letter ISO 3166-1 alpha-2 code for the country where your organization is located. For example, US, GB, IN, and so on.
required
Locality String named
Provides input for the locality field.
required
Organization String named
Provides input for the organization field.
required
OrganizationUnit String named
Provides input for the organization unit field.
required
StateOrProvince String named
Provides input for the state or province field.
required
VMHost VMHost named
  • pipeline
Specifies an ESXi host for which to generate a CSR.
optional ProgressAction ActionPreference named
optional Server VIServer named
New-VIMachineCertificateSigningRequest
-VMHost < VMHost >
[-ProgressAction < ActionPreference > ]
[-Server < VIServer > ]
[CommonParameters]

Parameters

Required Parameter Name Type Position Features Description
required
VMHost VMHost named
  • pipeline
Specifies an ESXi host for which to generate a CSR.
optional ProgressAction ActionPreference named
optional Server VIServer named

Output

ViMachineCertificateRequestInfo

Examples

Example 1

$csr = New-VIMachineCertificateSigningRequest `
   -Country 'US' `
   -Email '[email protected]' `
   -Locality 'Example Town' `
   -Organization 'Example organization' `
   -OrganizationUnit 'Example organization unit' `
   -StateOrProvince 'Example state'

Creates a CSR for the vCenter Server instance and saves it in the 'csr' variable. You can get the certificate request in PEM format by evaluating $csr.CertificateRequestPEM.

Example 2

$csr = New-VIMachineCertificateSigningRequest 'MyHost'

Creates a CSR for the 'MyHost' ESXi host and saves it in the 'csr' variable. You can get the certificate request in PEM format by evaluating $csr.CertificateRequestPEM.

Related Commands

VIMachineCertificate

This cmdlet retrieves information about the machine SSL certificates in a vCenter Server environment.

This cmdlet sets a machine SSL certificate to a vCenter Server instance or a connected ESXi host.

VIMachineCertificateSigningRequest

This cmdlet generates a new Certificate Signing Request (CSR) for a vCenter Server system or an ESXi host.