Creating and importing certificates signed by a certificate authority (CA) provides the highest level of trust for SSL communications and helps you secure the connections within your cloud. The procedure for version 10.4 includes console proxy settings.
If you want to create and import CA-signed SSL certificates for VMware Cloud Director 10.4.1 or later, see Create and Import CA-Signed SSL Certificates for VMware Cloud Director Appliance 10.4.1 and Later.
The private key password used in this procedure is the root user password, and it is represented as root_password.
Starting with VMware Cloud Director 10.4, both the console proxy traffic and HTTPS communications go over the default 443 port.
For VMware Cloud Director 10.4, you can enable the LegacyConsoleProxy feature from the Feature Flags settings menu under the Administration tab. When you enable LegacyConsoleProxy, each VMware Cloud Director cell must support two different SSL endpoints, one for HTTPS and one for console proxy communications.
This procedure contains console proxy settings because the VMware Cloud Director 10.4 appliance must support the optional activation of the LegacyConsoleProxy feature.
Prerequisites
To verify that this is the relevant procedure for your environment needs, familiarize yourself with SSL Certificate Creation and Management of the VMware Cloud Director Appliance.
Procedure
What to do next
- If you are using wildcard certificates, follow the Deploy the VMware Cloud Director Appliance 10.4.1 and Later with a Signed Wildcard Certificate for HTTPS Communication procedure so that any future appliance instances that you add to the cluster use the same wildcard signed certificates.
- Repeat this procedure on all VMware Cloud Director appliance instances in the server group.
- For more information on replacing the certificates for the embedded PostgreSQL database and for the VMware Cloud Director appliance management user interface, see Replace a Self-Signed Embedded PostgreSQL and VMware Cloud Director Appliance Management UI Certificate.