6.2
Table Of Contents
- System Administration
- Contents
- System Administration
- Updated Information
- Configuring vRealize Automation
- Configuring System Settings
- Configuring IaaS
- The Customer Experience Improvement Program
- Configure the vRealize Automation Appliance Database
- Perform an Appliance Database Failover
- Validate Appliance Database Replication
- Bulk Import, Update, or Migrate Virtual Machines
- Managing vRealize Automation
- Managing Tenants
- Brand Tenant Login Pages
- Install a Hotfix
- Updating vRealize Automation Certificates
- Extracting Certificates and Private Keys
- Update vRealize Automation Certificates when all are Expired
- Updating the Identity Appliance Certificate
- Updating the vRealize Appliance Certificate
- Updating the IaaS Certificate
- Replace the Identity Appliance Management Site Certificate
- Updating the vRealize Appliance Management Site Certificate
- Replace a Management Agent Certificate
- Resolve Certificate Revocation Errors
- View License Usage
- Monitoring Logs and Services
- Starting Up and Shutting Down vRealize Automation
- Customize Data Rollover Settings
- Remove an Identity Appliance from a Domain
- Backup and Recovery for vRealize Automation Installations
- Backing Up vRealize Automation
- Activate the Failover IaaS Server
- vRealize Automation System Recovery
4 Run the following command to restart the lighttpd server.
service vami-lighttp restart
5 Login to the management console and validate that the certificate is replaced. You might need to
restart your browser.
The new Identity Appliance management site certificate is installed.
Updating the vRealize Appliance Management Site Certiļ¬cate
The system administrator can replace the SSL certificate of the management site service when it expires
or to replace a self-signed certificate with one issued by a certificate authority. You secure the
management site service on port 5480.
The vRealize Appliance uses lighttpd to run its own management site. When you replace a management
site certificate, you must also configure all Management Agents to recognize the new certificate.
If you are running a distributed deployment, you can update Management Agents automatically or
manually. If you are running a minimal deployment, you must update the management agent manually.
See Manually Update Management Agents to Recognize a vRealize Appliance Management Site
Certificate for more information.
1 Replace the vRealize Automation Appliance Management Site Certificate
The vRealize Appliance uses lighttpd to run its own management site. You can replace the SSL
certificate of the management site service if your certificate expires or if you are using a self-signed
certificate and your company security policy requires you to use its SSL certificates. You secure the
management site service on port 5480.
2 Manually Update Management Agents to Recognize a vRealize Appliance Management Site
Certificate
After replacing a vRealize Appliance management site certificate, a system administrator updates all
Management Agents to recognize the new certificate to reestablish trusted communications between
the virtual appliance management site and Management Agents on IaaS hosts. Each IaaS hosts
runs a Management Agent and each Management Agent must be updated.
3 Automatically Update Management Agents in a Distributed Environment to Recognize a vRealize
Appliance Management Site Certificate
After the Management Site certificate is updated in a high-availability deployment, the Management
Agent configuration must be modified so that it recognizes the new certificate. This is necessary to
reestablish trusted communications between the virtual appliance management site and
Management Agents on IaaS host. Each IaaS host runs a Management Agent and each
Management Agent must be updated.
System Administration
VMware, Inc. 62