I recently deployed a new lab and encountered an error from Chrome – err_cert_revoked. Usually I click through the Chrome warnings and accept moving forward in “unsafe” mode.
However, there was no option to continue. The error supplied indicated “You cannon visit <yoursite.com” right now because this certificate has been revoked…”
Since this is an internal lab, I don’t worry much about external certs and what not, i just needed to get in my lab to do some work…
Rename Hosts to correct name
First I found out all my hosts were named “localhost.mylab.com”, so naturally the first step was to fix the host names. Easy. Go to DCUI and change the host names for each host.
Backup certificate and Generate a new certificates
Once I changed all the names, I made a backup of the original certs, just in case by running the following commands under /etc/vmware/ssl
mv rui.crt backup.rui.crt
mv rui.key backup.rui.key
Then generated new certificates by running /sbin/generate-certificates
Rebooted my hosts
Download new certificate
For this step, I opened the esxi UI in FireFox and when I got the error, I had the option to download the certificate and keychain. I clicked on PEM (cert) to download the cert.
Once I downloaded the cert I opened it on my Mac with Keychain Access. I trusted the certificate by double clicking on the cert and under Trust> changed from Use System Defaults to Always Trust under “When using this certificate” drop-down.
THIS IS A LAB ENVIRONMENT (internal). DO NOT TRUST sites you are not familiar with.