Today I had an interesting question (at least to me) on the SSL certificates validity of vCenter. Based on this link (http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1009092), the validity of the default SSL certificate is 2 years for vCenter 2.5 and 10 years for vCenter 4.x. So has that changed from v5.x onwards? Let’s see.
I grab out my rui.crt in my lab vCenter (C:\Documents and Settings\All Users\Application Data\VMware\VMware VirtualCenter\SSL) and run them in this free site tool, you can use openssl in Linux or importing them in Windows CA etc to do it but this, I find is the easiest and fastest way. Open the rui.crt file in notepad.exe and copy the contents and input into the text box in this URL: https://www.sslshopper.com/certificate-decoder.html
You should be able to output contents of your certificate eg.
Similarly to find out the validity for ESXi, scp into ESXi after enabling SSH in your ESXi services, and go to /etc/
This is the result.
So the validity stays at 10 years still in vCenter 5.x but ESXi seems to be 12 years.
Hope this helps answer anyone who has a security colleague who has this burning question in mind. 🙂