By default, the embedded PostgreSQL database and the VMware Cloud Director appliance management user interface share a set of self-signed SSL certificates. For increased security, you can replace the default self-signed certificates with certificate authority (CA) signed certificates.
When you deploy the VMware Cloud Director appliance, it generates self-signed certificates with a validity period of 365 days. The VMware Cloud Director appliance uses two sets of SSL certificates. Starting with VMware Cloud Director 10.4, both the console proxy traffic and HTTPS communications go over the default 443 port and the VMware Cloud Director service uses one certificate for HTTPS communications that includes the console proxy communications. The embedded PostgreSQL database and the VMware Cloud Director appliance management user interface share the other set of SSL certificates.
Procedure
Results
The new certificate is imported to the VMware Cloud Director truststore on other VMware Cloud Director cells the next time the appliance-sync function runs. The operation might take up to 60 seconds.