After upgrade, use the trust-infra-certs command of the cell management tool to collect and import certificates from the vSphere resources in your environment to the VMware Cloud Director database.

The trust-infra-certs command of the cell management tool automatically gathers the SSL certificates from the vSphere resources in your environment and imports them to the VMware Cloud Director database.

Prerequisites

Verify that the vCenter Server and NSX Manager instances for which you want to import endpoints are up and running.

Procedure

  1. Log in or SSH as root to the OS of the VMware Cloud Director cell.
  2. Run the command in the following form.
    /opt/vmware/vcloud-director/bin/cell-management-tool trust-infra-certs options 
    Table 1. Cell Management Tool Options and Arguments, trust-infra-certs Subcommand
    Option Argument Description
    --help (-h) None Provides a summary of available commands in this category.
    --vsphere None Prompts you to trust certificates for all registered vCenter Server, NSX Data Center for vSphere, and NSX-T Data Center instances in this installation.
    --trust None Optional. Adds certificates to the VMware Cloud Director truststore.
    --inspect Optional. File path. Optional. Displays the certificates into a file.
    --unattended None Optional. The command does not prompt for further input when invoked with this option. All infrastructure certificates are automatically trusted.

Example: Trust and Import All Certificates from vSphere Resources Endpoints

To trust and import the certificates from your vSphere resources endpoints without being prompted for further input, run the command with the following options.
/opt/vmware/vcloud-director/bin/cell-management-tool trust-infra-certs --vsphere --unattended