In vSphere 6.0 you have Solution Users that internal vCenter/PSC services use to interact. These Solution Users use certificates to log into services and components instead of maintaining passwords.
You have the option to replace these certificates with your own certificates or use VMCA issued certificates.
To solve a separate problem, the ability to control the Certificate Subject information in the Solution Users was added in an update to the vSphere Certificate-Manager with 6.0 U1b that allows the user to specify the Subject information for each Solution User.
Update: vSphere 6.0 U3 has made improvements to the Certificate-Manager to prevent you from getting into this issue. You will be only asked to complete one cfg file and the tool will automatically make a value unique using the Solution User ID.
Continue reading “Caution: Solution User Certificates in vSphere 6.0”