When you deploy a VMware Cloud Director instance, VMware Cloud Director service generates self-signed certificates and DNS records that you can use for the initial configuration. To secure the connections in your production environment, configure custom DNS records and certificate information.

VMware Cloud Director™ service automates the custom DNS configuration process and the configuration of the Public Addresses information in the VMware Cloud Director instances of your deployment.

Prerequisites

  • Add a Canonical Name (CNAME) record to your domain DNS records that map to the endpoint web addresses for the VMware Cloud Director web Portal, VMware Cloud Director API, and console proxy
    Note: You can view the endpoint web addresses for your VMware Cloud Director instance in the VMware Cloud Director Service Provider Admin Portal.
    1. In the top navigation bar of your VMware Cloud Director Service Provider Admin Portal, click Administration.
    2. In the left panel, under Settings, click Public Addresses.
  • Verify that you have a valid SSL certificate for your deployment.
    • The certificate file must be PEM-encoded.
    • The certificate must be a multi-domain SSL certificate or a wildcard certificate.
    • You need the private key for the certificate in a PEM-encoded file.

Procedure

  1. Log in to VMware Cloud Director service.
  2. Click Cloud Director Instances.
  3. In the card of the VMware Cloud Director instance, click Actions > Associate Custom Domain.
  4. Click the Associate custom domain radio button, and click Next.
  5. Enter the custom domain and certificate information and click Next.
    1. Enter the custom domain name for the web portal and API URL of the VMware Cloud Director instance.
    2. Enter the custom domain name for the console proxy.
    3. Enter the PEM-encoded private key.
    4. Enter the PEM-encoded public key, that is the certificate file.
  6. Click Associate custom domain.

Results

You can access your VMware Cloud Director instance on the configured domain names.

What to do next

If necessary, revert to the default DNS configuration and the self-signed certificate that were generated upon deployment.