diff --git a/nodemgmt-scripts.sh b/nodemgmt-scripts.sh
index 2a389a7d..919e6d8f 100755
--- a/nodemgmt-scripts.sh
+++ b/nodemgmt-scripts.sh
@@ -1495,6 +1495,77 @@ NODEUPDATE() {
 echo ""
 }
 
+VCENTER_SSL(){
+ function status() {
+ GREEN='\033[00;32m'
+ RESTORE='\033[0m'
+ echo -e "\n...${GREEN}$1${RESTORE}...\n"
+ }
+
+ # Usage: input "Prompt Text" "Variable Name"
+ function input() {
+ GREEN='\033[00;32m'
+ RESTORE='\033[0m'
+ echo -en "\n...${GREEN}$1${RESTORE}: "
+ read $2
+ echo -e ""
+ }
+
+ function pressanykey(){
+ GREEN='\033[00;32m'
+ RESTORE='\033[0m'
+ echo -en "\n...${GREEN}$1. Press any key to continue.${RESTORE}..."
+ read -r -p "" -n 1
+ }
+
+ if [ ${ESXiHost+x} ] && [ ${ESXiUser+x} ]; then
+ status "Checking for existing ssh keys for $ESXiHost"
+ if [[ -e ~/.ssh/$ESXiHost'_rsa' ]]
+ then
+ status "Keys for $ESXiHost exist. Continuing"
+ else
+ status "Keys for $ESXiHost not found. Generating 4096 bit keys"
+ ssh-keygen -b 4096 -t rsa -f ~/.ssh/$ESXiHost'_rsa' -q -N "" -C "$ESXiUser@$HOSTNAME LetsEncrypt"
+ status "Adding new key to ssh-agent"
+ eval `ssh-agent` && ssh-add ~/.ssh/$ESXiHost'_rsa'
+ status "Configuring $ESXiHost for ssh access"
+ pubkey=`cat ~/.ssh/$ESXiHost'_rsa.pub'`
+ ssh $ESXiUser@$ESXiHost "mkdir -p /etc/ssh/keys-$ESXiUser &&
+ echo $pubkey > /etc/ssh/keys-$ESXiUser/authorized_keys &&
+ chmod 700 -R /etc/ssh/keys-$ESXiUser &&
+ chmod 600 /etc/ssh/keys-$ESXiUser/authorized_keys &&
+ chown -R $ESXiUser /etc/ssh/keys-$ESXiUser &&
+ /etc/init.d/SSH restart"
+ fi
+
+ time=$(date +%Y.%m.%d_%H:%M:%S)
+ ssh $ESXiUser@$ESXiHost "cp /etc/vmware/ssl/castore.pem /etc/vmware/ssl/castore.pem.back.$time"
+ ssh $ESXiUser@$ESXiHost "cp /etc/vmware/ssl/rui.crt /etc/vmware/ssl/rui.crt.back.$time"
+ ssh $ESXiUser@$ESXiHost "cp /etc/vmware/ssl/rui.key /etc/vmware/ssl/rui.key.back.$time"
+
+ # Copy letsencrypt cert to ESXi target
+ status "Coping letsencrypt cert to $ESXiHost"
+ sudo scp /etc/letsencrypt/live/$ESXiHost/fullchain.pem $ESXiUser@$ESXiHost:/etc/vmware/ssl/castore.pem
+ sudo scp /etc/letsencrypt/live/$ESXiHost/cert.pem $ESXiUser@$ESXiHost:/etc/vmware/ssl/rui.crt
+ sudo scp /etc/letsencrypt/live/$ESXiHost/privkey.pem $ESXiUser@$ESXiHost:/etc/vmware/ssl/rui.key
+
+ # Restart services on ESXi target
+ status "Restarting services on $ESXiHost"
+ ssh $ESXiUser@$ESXiHost "services.sh restart"
+
+ # Disable UPnP http(s) port forward
+ status "Removing http(s) port forwarding"
+ upnpc -d 80 tcp
+ upnpc -d 443 tcp
+
+ # Prompt user to confirm/disable SSH on ESXi target
+ pressanykey "Remember to disable SSH service on $ESXiHost"
+ else
+ echo -e "${idsCL[Red]}Missing required variables.${idsCL[Default]}"
+ exit 1
+ fi
+}
+
 GUI(){
 DISP_HEADER true true
 while :
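Review bot: The three backup `cp` calls, the three `sudo scp` copies and `services.sh restart` in VCENTER_SSL run with no exit-status checks, so a failed backup or a partial copy (rui.crt replaced but rui.key not) still ends in a service restart on a mismatched certificate/key pair; each step should stop the function on failure. The key setup needs tightening too: `echo $pubkey > …/authorized_keys` overwrites whatever keys were already authorised for `$ESXiUser`, the generated key has no passphrase (`-N ""`) and stays authorised after the run, and when the key file already exists it is neither added to an agent nor passed with `-i`, while `sudo scp` may not see the invoking user's agent at all. `$ESXiHost` and `$ESXiUser` are also expanded unquoted into local paths and into the remote command strings, so they should be validated once and quoted everywhere. The sketch below shows only the changed lines; the rest of the function stays as in the hunk.

```shell
  # Validate once: both values end up in local paths and in remote command strings.
  local name_re='^[A-Za-z0-9][A-Za-z0-9._-]*$'
  if [[ ! $ESXiHost =~ $name_re || ! $ESXiUser =~ $name_re ]]; then
    echo "Invalid ESXiHost or ESXiUser" >&2
    return 1
  fi
  local keyfile="$HOME/.ssh/${ESXiHost}_rsa"
  local target="$ESXiUser@$ESXiHost"
  # … unchanged: key existence check, ssh-keygen, ssh-agent …
    # Send the public key over stdin and append, so existing authorised keys survive.
    ssh "$target" "mkdir -p /etc/ssh/keys-$ESXiUser && cat >> /etc/ssh/keys-$ESXiUser/authorized_keys" \
      < "$keyfile.pub" || return 1
  # … the chmod/chown/SSH restart steps follow as before …
  # Abort before the restart if any backup or copy fails.
  ssh -i "$keyfile" "$target" "cp /etc/vmware/ssl/rui.key /etc/vmware/ssl/rui.key.back.$time" || return 1
  # … same pattern for castore.pem and rui.crt …
  sudo scp -i "$keyfile" "/etc/letsencrypt/live/$ESXiHost/privkey.pem" "$target:/etc/vmware/ssl/rui.key" || return 1
  # … same pattern for fullchain.pem and cert.pem, then services.sh restart …
```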