New-VIMachineCertificateSigningRequest
This cmdlet generates a new Certificate Signing Request (CSR) for a vCenter Server system or an ESXi host.By default, this cmdlet generates a CSR for a vCenter Server system. If you want to generate a CSR for an ESXi host, you can use the VMHost parameter.This cmdlet requires a connection to a vCenter Server system through the Connect-VIServer cmdlet.
Syntax
Parameters
| Required | Parameter Name | Type | Position | Features | Description |
|---|---|---|---|---|---|
| required
|
Country | String | named |
|
Provides input for the country field. You must use the two-letter ISO 3166-1 alpha-2 code for the country where your organization is located. For example, US, GB, IN, and so on. |
| required
|
String | named |
|
Provides input for the email field. | |
| required
|
Locality | String | named |
|
Provides input for the locality field. |
| required
|
Organization | String | named |
|
Provides input for the organization field. |
| required
|
OrganizationUnit | String | named |
|
Provides input for the organization unit field. |
| required
|
StateOrProvince | String | named |
|
Provides input for the state or province field. |
| optional | CommonName | String | named |
|
Specifies a common name for the certificate. In the case of a CSR for ESXi, you must use either the ESXi host's FQDN or IP address. The common name must match the identifier you use to add the host to the vCenter Server system. If not specified, the PNID of the vCenter Server system or the FQDN of the ESXi host is the common name. |
| optional | KeySize | UInt32 | named |
|
Specifies the size of the certificate private key. If not used, the default is 2048 bits. |
| optional | Server | VIServer | named |
|
|
| optional | SubjectAltName | String[] | named |
|
Specifies domain names and IP addresses (in addition to the vCenter Server host name) that you want to secure with the certificate. |
Parameters
| Required | Parameter Name | Type | Position | Features | Description |
|---|---|---|---|---|---|
| required
|
CommonName | String | named |
|
Specifies a common name for the certificate. In the case of a CSR for ESXi, you must use either the ESXi host's FQDN or IP address. The common name must match the identifier you use to add the host to the vCenter Server system. If not specified, the PNID of the vCenter Server system or the FQDN of the ESXi host is the common name. |
| required
|
Country | String | named |
|
Provides input for the country field. You must use the two-letter ISO 3166-1 alpha-2 code for the country where your organization is located. For example, US, GB, IN, and so on. |
| required
|
Locality | String | named |
|
Provides input for the locality field. |
| required
|
Organization | String | named |
|
Provides input for the organization field. |
| required
|
OrganizationUnit | String | named |
|
Provides input for the organization unit field. |
| required
|
StateOrProvince | String | named |
|
Provides input for the state or province field. |
| required
|
VMHost | VMHost | named |
|
Specifies an ESXi host for which to generate a CSR. |
| optional | Server | VIServer | named |
|
Parameters
| Required | Parameter Name | Type | Position | Features | Description |
|---|---|---|---|---|---|
| required
|
VMHost | VMHost | named |
|
Specifies an ESXi host for which to generate a CSR. |
| optional | Server | VIServer | named |
|
Output
ViMachineCertificateRequestInfoExamples
Example 1
$csr = New-VIMachineCertificateSigningRequest ` -Country 'US' ` -Email '[email protected]' ` -Locality 'Example Town' ` -Organization 'Example organization' ` -OrganizationUnit 'Example organization unit' ` -StateOrProvince 'Example state'
Create a certificate signing request for the vCenter Server system and saves it in the csr variable.
Example 2
$csr = New-VIMachineCertificateSigningRequest 'MyHost'
Creates a CSR for the 'MyHost' ESXi host and saves it in the 'csr' variable. You can get the certificate request in PEM format by evaluating $csr.CertificateRequestPEM.
Related Commands
VIMachineCertificate
This cmdlet retrieves information about the machine SSL certificates in a vCenter Server environment.
This cmdlet sets a machine SSL certificate to a vCenter Server instance or a connected ESXi host.
VIMachineCertificateSigningRequest
This cmdlet generates a new Certificate Signing Request (CSR) for a vCenter Server system or an ESXi host.