All Cmdlets by Product VMware vSphere and vSAN VIMachineCertificate

New-VIMachineCertificateSigningRequest

This cmdlet generates a new Certificate Signing Request (CSR) for a vCenter Server system or an ESXi host.By default, this cmdlet generates a CSR for a vCenter Server system. If you want to generate a CSR for an ESXi host, you can use the VMHost parameter.This cmdlet requires a connection to a vCenter Server system through the Connect-VIServer cmdlet.

Syntax

New-VIMachineCertificateSigningRequest
-Country  <String>
-Email  <String>
-Locality  <String>
-Organization  <String>
-OrganizationUnit  <String>
-StateOrProvince  <String>
[-CommonName  <String>]
[-KeySize  <UInt32>]
[-Server  <VIServer>]
[-SubjectAltName  <String[]>]
[CommonParameters]

Parameters

Required Parameter Name Type Position Features Description
required
Country
String named Provides input for the country field. You must use the two-letter ISO 3166-1 alpha-2 code for the country where your organization is located. For example, US, GB, IN, and so on.
required
Email
String named Provides input for the email field.
required
Locality
String named Provides input for the locality field.
required
Organization
String named Provides input for the organization field.
required
OrganizationUnit
String named Provides input for the organization unit field.
required
StateOrProvince
String named Provides input for the state or province field.
optional
CommonName
String named Specifies a common name for the certificate. In the case of a CSR for ESXi, you must use either the ESXi host's FQDN or IP address. The common name must match the identifier you use to add the host to the vCenter Server system. If not specified, the PNID of the vCenter Server system or the FQDN of the ESXi host is the common name.
optional
KeySize
UInt32 named Specifies the size of the certificate private key. If not used, the default is 2048 bits.
optional
Server
VIServer named
optional
SubjectAltName
String[] named Specifies domain names and IP addresses (in addition to the vCenter Server host name) that you want to secure with the certificate.

New-VIMachineCertificateSigningRequest
-CommonName  <String>
-Country  <String>
-Locality  <String>
-Organization  <String>
-OrganizationUnit  <String>
-StateOrProvince  <String>
-VMHost  <VMHost>
[-Server  <VIServer>]
[CommonParameters]

Parameters

Required Parameter Name Type Position Features Description
required
CommonName
String named Specifies a common name for the certificate. In the case of a CSR for ESXi, you must use either the ESXi host's FQDN or IP address. The common name must match the identifier you use to add the host to the vCenter Server system. If not specified, the PNID of the vCenter Server system or the FQDN of the ESXi host is the common name.
required
Country
String named Provides input for the country field. You must use the two-letter ISO 3166-1 alpha-2 code for the country where your organization is located. For example, US, GB, IN, and so on.
required
Locality
String named Provides input for the locality field.
required
Organization
String named Provides input for the organization field.
required
OrganizationUnit
String named Provides input for the organization unit field.
required
StateOrProvince
String named Provides input for the state or province field.
required
VMHost
VMHost named
  • pipeline
    •      		Specifies an ESXi host for which to generate a CSR.
    optional
    Server
    		VIServer named

    New-VIMachineCertificateSigningRequest
    -VMHost  <VMHost>
    [-Server  <VIServer>]
    [CommonParameters]

    Parameters

    Required Parameter Name Type Position Features Description
    required
    VMHost
    		VMHost named
  • pipeline
    •      		Specifies an ESXi host for which to generate a CSR.
    optional
    Server
    		VIServer named

    Output

    ViMachineCertificateRequestInfo

    Examples

    Example 1

    $csr = New-VIMachineCertificateSigningRequest `
    -Country 'US' `
    -Email 'example@dummy.com' `
    -Locality 'Example Town' `
    -Organization 'Example organization' `
    -OrganizationUnit 'Example organization unit' `
    -StateOrProvince 'Example state'

    Create a certificate signing request for the vCenter Server system and saves it in the csr variable.

    Example 2

    $csr = New-VIMachineCertificateSigningRequest 'MyHost'

    Creates a CSR for the 'MyHost' ESXi host and saves it in the 'csr' variable. You can get the certificate request in PEM format by evaluating $csr.CertificateRequestPEM.

    Related Commands

    VIMachineCertificate

    Get-VIMachineCertificate
    This cmdlet retrieves information about the machine SSL certificates in a vCenter Server environment.
    Set-VIMachineCertificate
    This cmdlet sets a machine SSL certificate to a vCenter Server instance or a connected ESXi host.

    VIMachineCertificateSigningRequest

    New-VIMachineCertificateSigningRequest
    This cmdlet generates a new Certificate Signing Request (CSR) for a vCenter Server system or an ESXi host.
    Feedback

    Was this page helpful?

    ©2023 VMware Inc. Terms of Use Privacy Your California Privacy Rights Accessibility Trademarks Glossary Help Contact Us