This page describes how to update the reference to the vCenter certificate if it has changed, as your running admin cluster and user clusters must be informed of the change. This affects the vCenter.caCertPath field in the admin cluster configuration file and the user cluster configuration files for Google Distributed Cloud.
You can update the certificate references with the gkectl update command as described here.
Update the referenced vCenter certificate in the cluster configuration files
To update the running admin and user clusters to use the new certificate:
Retrieve the new vCenter certificate and unzip it:
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-07 UTC."],[[["This page explains how to update the vCenter certificate reference in Google Distributed Cloud admin and user clusters when the vCenter certificate has changed."],["The process involves updating the `vCenter.caCertPath` field in both the admin and user cluster configuration files to point to the new certificate file."],["The new certificate is downloaded from the vCenter server, saved as `vcenter-ca.pem`, and the path to this file is specified in the cluster configurations."],["The `gkectl update` command is then used to update the running admin and user clusters with the new certificate information using the updated configuration file."],["It is important to update the `vCenter.caCertPath` in the admin workstation configuration file if you create a new one, to make sure that it references the current certificate."]]],[]]
