How to create Microsoft Certificate Authority Template For SSL Certificate for vSphere 7.0.
Log into your Windows Certificate Authority Server and run certtmpl.msc console, we will be creating a new template for use by the Machine SSL and solution Users certificate by cloning Web Server Template
On the General tab enter name VCSA70 as the name of the template
On the Extensions tab. Select Application Policies and click Edit and remove Server Authentication and click OK.
Select Key Usage and click Edit. Select the Signature is proof of origin (nonrepudiation) option.
Now is time add new template to certificate templates
run certsrv.msc console and click to Certificate Templates > New > Certificate Template to Issue.
We created a new vSphere 7.0 Certificate Template and it can be used while creating and replacing the Machine SSL certificate for VCSA .