If your Microsoft certificate authority is already setup and has a VMware template continue with the below instructions. Otherwise follow the official VMware article to assist with setting up one from scratch. The below was tested on VCF 4.4.1.0.

https://docs.vmware.com/en/VMware-Cloud-Foundation/4.4/vcf-admin/GUID-B83D4273-F280-4978-B8BD-63A283F803A9.html

First thing make your IIS is setup for https and with an SSL certificate matching your FQDN of your CA. Below example

Make sure basic authentication is enabled from IIS as well

Login to sddc Manger

Expand administration > Click Security > Click Certificate Management > Click Edit

Select Microsoft has CA

Put in the the url of your CA – https://FQDNofCA/certsrv

Account that has privileges

Password

The exact name of the template in your certificate authority Template

Click Save

Click accept

Now you should be able to generate csrs, generate signed certificates and install certificates from sddc manager

By Kader