To improve security in your virtualized environment, it is advisable to use the signed certificates because ‘self-signed’ certificate will not be trusted by default in it’s communications with other systems. There are various ways to deploy signed certificates on your Esxi hosts
VMware Endpoint Certificate Store (VECS) serves as a local repository for certificates, private keys, and other certificate information that can be stored in a keystore. You can decide not to use VMCA as your certificate authority and certificate signer, but you
vSphere 6.0 brought many enhancements with it and one of the most significant among them was VMware Certificate Authority which is VMware’s own CA and it eases the pain of certificate management in vSphere 6.