To replace existing product certificates, use VMware Aria Suite Lifecycle.

If the product is SSL terminated, you must manually replace the certificate and CA in the load balancer first. The VMware Identity Manager requires this step.

For information about replacing a VMware Aria Suite Lifecycle VAMI/VA certificate, see Replace your VMware Aria Suite Lifecycle custom certificate.

For information about replacing your VMware Identity Manager certificate, see Replace your Workspace ONE Access certificate by using VMware Aria Suite Lifecycle. Note that the VMware Identity Manager and Workspace ONE Access terms are used interchangeably in VMware Aria Suite Lifecycle product documentation.

For information about identity manager trust certificates, see Day 2 operations with other products in VMware Aria Suite Lifecycle.

Prerequisites

Verify that your product has an existing certificate. You can either create or import a certificate in the VMware Aria Suite Lifecycle locker. For information about creating certificates, see Manage certificates for VMware Aria Suite Lifecycle products.

Procedure

  1. From the Environment page, select a product and click on the vertical ellipses.
  2. Click Replace Certificate.
  3. From the Current Certificate, click Next.
  4. Select a certificate from the drop-down menu and click Next.
  5. Review the certificate summary and click Next.
  6. Select the product instance and click Next.

    To replace a Workspace ONE Access certificate, you must re-trust the configured products.

    By default, all the products are listed in the Re-Trust Product Certificate wizard.

  7. (Optional) Select the Opt-in for Snapshot check box.
    Note: This options allows you to take snapshots for products that do not have a built-in certificate rollback capability. You can use this option to revert the snapshot in case of a failure to replace a certificate. The option is only applicable for Workspace ONE Access and VMware Aria Operations for Networks.

    If the replace certificate request fails, you can revert to the snapshot and re-submit the failed request to rollback the operation.

  8. To validate the certificate information, click RUN PRECHECK and click Finish.
  9. Click Accept and Submit.