Originally a product of w2c/letsencrypt-esxi. Modified for those of us that are either unable or unwilling to expose our ESXi management interfaces to the Internet.

acme-esxi is a lightweight open-source solution to automatically obtain and renew Let's Encrypt or private ACME CA certificates on standalone VMware ESXi servers. Packaged as a VIB archive or Offline Bundle, install/upgrade/removal is possible directly via the web UI or, alternatively, with just a few SSH commands.

Features:

• Fully-automated: Requesting and renewing certificates without user interaction
• Auto-renewal: A cronjob runs once a week to check if a certificate is due for renewal
• Persistent: The certificate, private key and all settings are preserved over ESXi upgrades
• Configurable: Customizable parameters for renewal interval, Let's Encrypt (ACME) backend, etc
• Can be used with any ACME CA: LabCA is a great example.

Successfully tested with all currently supported versions of ESXi (6.5, 6.7, 7.0).

See the Wiki for possible pitfalls and solutions.

acme-esxi is free software;
you can redistribute it and/or modify it under the terms of the
GNU General Public License as published by the Free Software Foundation,
either version 3 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program.  If not, see <http://www.gnu.org/licenses/>.