When you install vCloud Director for Linux, you must create two certificates for each member of the server group and import the certificates into host keystores.

Note: You must create the certificates for the server group members only after installing vCloud Director on Linux. The vCloud Director appliance creates self-signed SSL certificates during its first boot.

Procedure

  1. Log in to the vCloud Director server as root.
  2. List the IP addresses for the server.
    Use a command, such as ifconfig, to discover this server's IP addresses.
  3. For each IP address, run the following command to retrieve the fully qualified domain name (FQDN) to which the IP address is bound.
    nslookup ip-address
  4. Make a note of each IP address and the FQDN associated with it. If you are not using a single IP address for both services, decide which IP address is for the HTTPS service and which is for the console proxy service.
    You must provide the FQDNs when you create the certificates and the IP addresses when you configure the network and database connections. Make a note of any other FQDNs that can reach the IP address, because you must provide them if you want the certificate to include a Subject Alternative Name.

What to do next

Create the certificates for the two endpoints. You can use certificates signed by a trusted certification authority (CA) or self-signed certificates.
Note: CA-signed certificates provide the highest level of trust.