When you install VMware Cloud Director for Linux, you must create certificates for each member of the server group and import the certificates into host truststores.

Note: You must create the certificates for the server group members only after installing VMware Cloud Director on Linux. The VMware Cloud Director appliance creates self-signed SSL certificates during its first boot.

Procedure

  1. Log in to the VMware Cloud Director server as root.
  2. List the IP addresses for the server.
    Use a command, such as ifconfig, to discover this server's IP addresses.
  3. For each IP address, run the following command to retrieve the fully qualified domain name (FQDN) to which the IP address is bound.
    nslookup ip-address
  4. Make a note of each IP address and the FQDN associated with it.

    You must provide the FQDNs when you create the certificates and the IP addresses when you configure the network and database connections. Make a note of any other FQDNs that can reach the IP address, because you must provide them if you want the certificate to include a Subject Alternative Name.

    Starting with VMware Cloud Director 10.4, the HTTPS service and the console proxy service use a single IP address.
    Note: VMware Cloud Director 10.4.1 and later do not support the legacy implementation of the console proxy feature.

What to do next

Create the certificates for the two endpoints. You can use certificates signed by a trusted certification authority (CA) or self-signed certificates.
Note: CA-signed certificates provide the highest level of trust.