6.2
Table Of Contents
- System Administration
- Contents
- System Administration
- Updated Information
- Configuring vRealize Automation
- Configuring System Settings
- Configuring IaaS
- The Customer Experience Improvement Program
- Configure the vRealize Automation Appliance Database
- Perform an Appliance Database Failover
- Validate Appliance Database Replication
- Bulk Import, Update, or Migrate Virtual Machines
- Managing vRealize Automation
- Managing Tenants
- Brand Tenant Login Pages
- Install a Hotfix
- Updating vRealize Automation Certificates
- Extracting Certificates and Private Keys
- Update vRealize Automation Certificates when all are Expired
- Updating the Identity Appliance Certificate
- Updating the vRealize Appliance Certificate
- Updating the IaaS Certificate
- Replace the Identity Appliance Management Site Certificate
- Updating the vRealize Appliance Management Site Certificate
- Replace a Management Agent Certificate
- Resolve Certificate Revocation Errors
- View License Usage
- Monitoring Logs and Services
- Starting Up and Shutting Down vRealize Automation
- Customize Data Rollover Settings
- Remove an Identity Appliance from a Domain
- Backup and Recovery for vRealize Automation Installations
- Backing Up vRealize Automation
- Activate the Failover IaaS Server
- vRealize Automation System Recovery
4 Select the certificate type from the Choose Action menu.
If you are using a PEM-encoded certificate, for example for a distributed environment, select Import
PEM Encoded Certificate.
Certificates that you import must be trusted and must also be applicable to all instances of vRealize
Appliance and any load balancer by using Subject Alternative Name (SAN) certificates.
Note If you use certificate chains, specify the certificates in the following order:
n
The client/server certificate signed by the intermediate CA certificate
n
One or more intermediate certificates
n
A root CA certificate
Option Action
Import PEM Encoded Certificate a Copy the certificate values from BEGIN PRIVATE KEY to END PRIVATE KEY,
including the header and footer, and paste them in the RSA Private Key text
box.
b Copy the certificate values from BEGIN CERTIFICATE to END
CERTIFICATE, including the header and footer, and paste them in the
Certificate Chain text box.
c (Optional) If your certificate uses a pass phrase to encrypt the certificate key,
copy the pass phrase and paste it in the Pass Phrase text box.
Generate Self-Signed Certificate a Type a common name for the self-signed certificate in the Common Name
text box. You can use the fully qualified domain name of the virtual appliance
(hostname.domain.name) or a wild card, such as *.mycompany.com.
b Type your organization name, such as your company name, in the
Organization text box.
c Type your organizational unit, such as your department name or location, in
the Organizational Unit text box.
d Type a two-letter ISO 3166 country code, such as US, in the Country text
box.
Keep Existing Leave the current SSL configuration. Select this option to cancel your changes.
5 Click Apply Settings.
The certificate is updated.
Update the vRealize Appliance with the Identity Appliance Certiļ¬cate
After the Identity Appliance certificate is updated, the system administrator updates the vRealize
Appliance with the new certificate information. This process reestablishes trusted communications
between the virtual appliances.
Use the import-certificate command to import the SSL certificate from the Identity Appliance into the
SSL keystore used by the vRealize Appliance. The alias value specifies the alias under which the
imported certificate is stored in the keystore, and url is the address of the SSL endpoint.
System Administration
VMware, Inc. 53