Problem

The VMware Chargeback UI becomes inaccessible when the self-signed certificate expires.

Note: This issue is relevant only when the UI is accessed over the internet. The UI cannot be accessed by a service provider or tenants if the certificate is not valid.

Solution

You can replace an expired self-signed certificate with a valid certificate for Tenant App.

  1. Log in to VMware Chargeback VA as root and navigate to "/etc/ssl" using the command, # cd /etc/ssl.
  2. Execute the commands in the following sequence.
    • # openssl genrsa -out app.key 2048
    • # openssl rsa -in app.key -out app.key
  3. Replace "/CN=localhost" with customer domain in the command, # openssl req -sha256 -new -key app.key -out app.csr -subj '/CN=localhost'.
  4. Replace "-day 356" based on your requirement in the command, # openssl x509 -req -sha256 -days 365 -in app.csr -signkey app.key -out app.crt # cat app.crt app.key > app.pem.
  5. Restart the openssl by using the command, # systemctl restart sshd.
  6. Reboot VMware Chargeback using the command, # reboot.