Replacing Hyper-V's Self-Signed Certificates

Replacing Hyper-V's Self-Signed Certificates

Q: How can I replace the self-signed certificates a Hyper-V host uses for server authentication when connecting to one of its virtual machines (VMs) using the Virtual Machine Connection tool?

Related: Windows Server 2012 Hyper-V Security Features

A: You might, for example, want to use a server authentication certificate that's generated by your enterprise Certification Authority (CA) instead of the self-signed Hyper-V certificates. To do this, you would need to follow these steps:

  1. Disable the automatic generation of self-signed certificates on the Hyper-V host.
  2. Delete the existing self-signed certificates.
  3. Request a new server authentication certificate for your Hyper-V host from your enterprise CA.
  4. Install and configure this new certificate on your Hyper-V host.

This process is explained in greater detail in the Microsoft article "Configuring Certificates for Virtual Machine Connection."

Learn More: Using Windows Server 2012 Hyper-V Replica

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.