7.3
Table Of Contents
- Managing vRealize Automation
- Contents
- Managing vRealize Automation
- Updated Information
- Maintaining and Customizing vRealize Automation Components and Options
- Broadcast a Message on the Message Board Portlet
- Starting Up and Shutting Down vRealize Automation
- Updating vRealize Automation Certificates
- Extracting Certificates and Private Keys
- Replace Certificates in the vRealize Automation Appliance
- Replace the Infrastructure as a Service Certificate
- Replace the IaaS Manager Service Certificate
- Update Embedded vRealize Orchestrator to Trust vRealize Automation Certificates
- Update External vRealize Orchestrator to Trust vRealize Automation Certificates
- Updating the vRealize Automation Appliance Management Site Certificate
- Replace a Management Agent Certificate
- Change the Polling Method for Certificates
- Managing the vRealize Automation Postgres Appliance Database
- Backup and Recovery for vRealize Automation Installations
- The Customer Experience Improvement Program
- Adjusting System Settings
- Monitoring vRealize Automation
- Monitoring vRealize Automation Health
- Monitoring and Managing Resources
- Monitoring Containers
- Bulk Import, Update, or Migrate Virtual Machines
Replace Certiļ¬cates in the vRealize Automation Appliance
The system administrator can update or replace a self-signed certificate with a trusted one from a
certificate authority. You can use Subject Alternative Name (SAN) certificates, wildcard certificates, or any
other method of multi-use certification appropriate for your environment as long as you satisfy the trust
requirements.
When you update or replace the vRealize Automation appliance certificate, trust with other related
components is re-initiated automatically. See Updating vRealize Automation Certificates for more
information about updating certificates.
Procedure
1 Open a Web browser to the vRealize Automation appliance management interface URL.
2 Log in with user name root and the password you specified when deploying the vRealize Automation
appliance.
3 Select vRA Settings > Host Settings.
4 Select the certificate type from the Certificate Action menu.
If you are using a PEM-encoded certificate, for example for a distributed environment, select Import.
Certificates that you import must be trusted and must also be applicable to all instances of
vRealize Automation appliance and any load balancer through the use of Subject Alternative Name
(SAN) certificates.
If you want to generate a CSR request for a new certificate that you can submit to a certificate
authority, select Generate Signing Request. A CSR helps your CA create a certificate with the
correct values for you to import.
Note If you use certificate chains, specify the certificates in the following order:
a Client/server certificate signed by the intermediate CA certificate
b One or more intermediate certificates
c A root CA certificate
Option Action
Keep Existing Leave the current SSL configuration. Select this option to cancel your changes.
Generate Certificate a The value displayed in the Common Name text box is the Host Name as it
appears on the upper part of the page. If any additional instances of the
vRealize Automation appliance available, their FQDNs are included in the
SAN attribute of the certificate.
b Enter your organization name, such as your company name, in the
Organization text box.
c Enter your organizational unit, such as your department name or location, in
the Organizational Unit text box.
d Enter a two-letter ISO 3166 country code, such as US, in the Country text
box.
Managing vRealize Automation
VMware, Inc. 14