Thanks for the additional info. This is definitely NOT the recommended approach as we prefer not to have our keystore file modified.
The simpler and recommended approach is documented in the SDK-Tutorial doc (part of the additional-sdk-docs.zip), you need to add a serverThumbprint when registering your plugin as a vCenter extension:
FYI, here is the relevant part of this doc:
We recommend to use HTTPS for secure access to your plugin package, in which case your must add a server property next to the client property in the Extension object. The data includes the SHA1 thumbprint of the server providing the .zip file.
<server> <url>https://a-web-server-path/mypluginPackage.zip</url> <description> <label>My plugin</label> <summary>My first vSphere Client plugin</summary> </description> <company>VMware</company> <-- SHA1 thumbprint of the server hosting the .zip file --> <serverThumbprint>3D:E7:9A:85:01:A9:76:DD:AC:5D:83:1C:0E:E0:3C:F6:E6:2F:A9:97</serverThumbprint> <type>HTTPS</type> <adminEmail>your-email</adminEmail></server>