1. Open a command prompt and navigate to the OpenSSL directory as previously configured in the Configuring OpenSSL article. By default this is  C:\OpenSSL-Win32\bin.
2. Run the command:

   openssl req -new -nodes -out rui.csr -keyout rui-orig.key

   This creates the certificate request rui.csr.

3. Convert the Key to be in RSA format by running these command:

   openssl rsa -in rui-orig.key -out rui.key

Installing and configuring the certificate on the ESXi host 

1. Navigate to the console of the server to enable SSH on the ESXi 6.0 host.
2. Log in to the host and then navigate to /etc/vmware/ssl.
3. Copy the files to a backup location, such as a VMFS volume.
4. Log in to the host with WinSCP or login locally (my preferred method) and navigate to the /etc/vmware/ssl directory.
5. Delete the existing  rui.crt and  rui.key from the directory.
6. Copy the newly created  rui.crt and  rui.key or create them using vi (again my preferred method, I also at the intermediate cert to the .crt file) to the directory using Text Mode or ASCII mode to avoid the issue of special characters (  ^M) appearing in the certificate file.
7. Type vi rui.crt to validate that there are no extra characters.

   Note: There should not be any erroneous  ^M characters at the end of each line.

8. Restart the management agents
   
   /etc/init.d/hostd restart
   

   /etc/init.d/vpxa restart