The security of your environment depends on the validity and trust of the management components' certificates.
To generate certificates, you use the CertGenVVS utility. See Certificate Generation Utility for VMware Validated Solutions. You regenerate and replace certificates in the following cases:
- If certificates are approaching expiration.
- If certificates have expired.
- If certificates are compromised.
- If certificate attributes (for example, host name or organization name) require changes.
For information on the certificate management design for the Cloud-Based Automation for VMware Cloud Foundation validated solution, see Certificate Management Design for VMware Aria Automation for Cloud-Based Automation for VMware Cloud Foundation.
Replace the Certificate for VMware Aria Automation Orchestrator Within the Cloud Extensibility Proxy for Cloud-Based Automation for VMware Cloud Foundation
You replace the SSL certificate on VMware Aria Automation Orchestrator with the signed certificate that you generated by using the CertGenVVS utility.
Prerequisites
Generate the signed certificate for VMware Aria Automation Orchestrator with subject alternative names that include the FQDN of the node.
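One way to confirm the prerequisite before you start the replacement, as an added example that is not part of the VMware documentation or the CertGenVVS utility: the functions below check that the node FQDN is in the subject alternative names, that the certificate is neither expired nor close to expiring, and that the private key belongs to the certificate. The file paths, the FQDN you pass in, and the 30-day default threshold are assumptions, and the openssl CLI (1.1.1 or later) is required.

```shell
#!/bin/sh
# Added example: checks to run on a newly signed certificate before replacing it.
# Needs the openssl CLI (1.1.1 or later for "-ext"). Paths, FQDN and the
# 30-day default below are assumptions, not values from the documentation.

# 0 if FQDN is listed as a DNS subject alternative name (exact, case-insensitive).
cert_has_san() {   # cert_has_san CERT_PEM FQDN
    openssl x509 -in "$1" -noout -ext subjectAltName 2>/dev/null |
        tr ',' '\n' | sed 's/^[[:space:]]*//' | grep -Fxqi "DNS:$2"
}

# 0 if the certificate is still valid DAYS days from now.
cert_valid_for() {   # cert_valid_for CERT_PEM DAYS
    openssl x509 -in "$1" -noout -checkend "$(( $2 * 86400 ))" >/dev/null 2>&1
}

# 0 if the (unencrypted) private key belongs to the certificate.
key_matches_cert() {   # key_matches_cert CERT_PEM KEY_PEM
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# Run all checks; print each failure and return non-zero if any check fails.
preflight() {   # preflight CERT_PEM KEY_PEM FQDN [MIN_DAYS]
    rc=0
    cert_has_san "$1" "$3" || { echo "FAIL: $3 is not in the SAN list"; rc=1; }
    if ! cert_valid_for "$1" 0; then
        echo "FAIL: certificate has expired"; rc=1
    elif ! cert_valid_for "$1" "${4:-30}"; then
        echo "FAIL: certificate expires within ${4:-30} days"; rc=1
    fi
    key_matches_cert "$1" "$2" || { echo "FAIL: private key does not match"; rc=1; }
    return "$rc"
}
```

Source the file and call `preflight` with the certificate, the key and the node FQDN; a certificate file that cannot be parsed is reported as expired.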
Procedure
To replace the certificate for VMware Aria Automation Orchestrator within the Cloud Extensibility Proxy, follow the steps from the Replace the Certificate of the VMware Aria Automation Orchestrator Instance for Cloud-Based Automation for VMware Cloud Foundation implementation procedure.
What to do next
Retrust the New Certificate of the VMware Aria Automation Orchestrator instance with VMware Aria Automation Assembler.
Retrust the New Certificate for VMware Aria Automation Orchestrator with VMware Aria Automation Assembler for Cloud-Based Automation for VMware Cloud Foundation
After you replace the certificate of VMware Aria Automation Orchestrator within the Cloud Extensibility Proxy, you must re-verify the connection with the VMware Aria Automation Assembler by using the VMware Cloud Console.
Procedure
- Log in to the VMware Cloud Services console at https://console.cloud.vmware.com/ with a user assigned the Assembler Administrator and the Service Broker Administrator roles.
- On the Services page, locate the VMware Aria Automation tile, and click Launch service.
- On the Welcome to VMware Aria Automation page, click the Assembler tile.
- Select the Infrastructure tab and, in the left pane, select .
- On the Integrations page, within the Orchestrator tile, click Open.
- On the Orchestrator integration page, click Validate, and then click Save.