7.0
Table Of Contents
- Managing vRealize Automation
- Contents
- Updated Information
- Managing vRealize Automation
- Starting Up and Shutting Down vRealize Automation
- Updating vRealize Automation Certificates
- Extracting Certificates and Private Keys
- Replace Certificates in the vRealize Automation appliance
- Replace the Infrastructure as a Service Certificate
- Replace the IaaS Manager Service Certificate
- Updating the vRealize Automation Appliance Management Site Certificate
- Replace a Management Agent Certificate
- Managing the vRealize Automation Postgres Appliance Database
- Backup and Recovery for vRealize Automation Installations
- Configuring the Customer Experience Improvement Program for vRealize Automation
- Adjusting System Settings
- Monitoring vRealize Automation
- Monitoring and Managing Resources
- Bulk Import, Update, or Migrate Virtual Machines
- Managing Machines
- Managing Virtual Machines
- Running Actions for Provisioned Resources
Also, you can select the Keep Existing option to keep your existing certificate.
Certificates for the vRealize Automation appliance management site do not have registration
requirements.
With one exception, changes to later components in this list do not affect earlier ones. The exception is
that an updated certificate for IaaS components must be registered with vRealize Automation appliance.
Note If your certificate uses a passphrase for encryption and you fail to enter it when replacing your
certificate on the virtual appliance, the certificate replacement fails and the message Unable to load
private key appears.
For important information about troubleshooting, supportability, and trust requirements for certificates, see
the VMware knowledge base article at http://kb.vmware.com/kb/2106583.
Extracting Certificates and Private Keys
Certificates that you use with the virtual appliances must be in the PEM file format.
The examples in the following table use Gnu openssl commands to extract the certificate information you
need to configure the virtual appliances.
Table 1‑1. Sample Certificate Values and Commands (openssl)
Certificate Authority Provides Command Virtual Appliance Entries
RSA Private Key openssl pkcs12 -in path _to_.pfx
certificate_file -nocerts -out key.pem
RSA Private Key
PEM File openssl pkcs12 -in path _to_.pfx
certificate_file -clcerts -nokeys -out
cert.pem
Certificate Chain
(Optional) Pass Phrase n/a Pass Phrase
Replace Certificates in the vRealize Automation appliance
The system administrator can update or replace a self-signed certificate with a trusted one from a
certificate authority. You can use Subject Alternative Name (SAN) certificates, wildcard certificates, or any
other method of multi-use certification appropriate for your environment as long as you satisfy the trust
requirements.
When you update or replace the vRealize Automation appliance certificate, trust with other related
components is re-initiated automatically.
Procedure
1 Navigate to the vRealize Automation appliance management console by using its fully qualified
domain name, https://vra-va-hostname.domain.name:5480/.
2 Log in with user name root and the password you specified when deploying the vRealize Automation
appliance.
3 Select vRA Settings > Host Settings.
Managing vRealize Automation
VMware, Inc. 10