We recommend adding an SSL certificate for your PCF host server to the VMware Aria Operations truststore to help provide an added level of security.

Note:

Different levels of security can be configured in the Management Pack. The least secure configurationis to set theValidate Certificate Against TruststoreAdvanced Setting toFalse. For added security, you can set the Validate Certificate Against Truststore Advanced Setting to True,and the Management Pack will have to verify the SSL certificate on your VMware Aria Operations system. See: Creating an Adapter Instance .

To add the SSL certificate to your VMware Aria Operations truststore:

  1. Obtain the SSL certificate for the Nozzle for PCF, which is stored in the certs folder of the  nozzle's base directory.

  2. Copy the certificate to your VMware Aria Operations machine.

  3. Use ‘ssh’ to log in to the VMware Aria Operations machine as the root user, then run the following command:

    Linux:

    $VCOPS_BASE/jre/bin/keytool -import -alias <product_alias> -file /tmp/<certfile> -keystore “$VCOPS_DATA_VCOPS/user/conf/ssl/tcserver.truststore” -storepass `grep ssltruststorePassword /storage/vcops/user/conf/ssl/storePass.properties | sed s/ssltruststorePassword=//` -trustcacerts

    Windows:

    %VCOPS_BASE%\jre\bin\keytool -import -alias <product_alias> C:\path\to\certfile -keystore “%VCOPS_DATA_VCOPS%\user\conf\ssl\tcserver.truststore” -storepass <truststore_password> -trustcacerts

    Parameter Descriptions:

    • -alias is a unique name for each key that you add (per host)

    • certfile is the location where the cert file was saved

  4. Run the reboot command to re-start the VMware Aria Operations machine for the changes to take effect.