XenServer - Install a trusted certificate in place of the default self-signed SSL certificate

Information

A certificate from a trusted CA allows for secure identification of the XenServer host to XAPI clients such as XenCenter.

http://www.citrix.com/support/security-compliance/common-criteria.html

Solution

Replace the default certificate for the host XAPI service, located at /etc/xensource/xapi-ssl.pem, and restart. For more information see the Common Criteria Evaluated Configuration Guide for Citrix XenServer 6.0.2.