You can configure VMware Cloud Provider Lifecycle Manager to use a custom certificate.

To configure a custom certificate on VMware Cloud Provider Lifecycle Manager, you must provide a PKCS12 keystore containing the certificate.

Procedure

  1. Generate the custom certificate and create the keystore.
    CPLCM_CERT_DIR=/opt/vmware/cplcm/security/certs
    mkdir -p $CPLCM_CERT_DIR
    key_alias=vcplcm
    keystore_password=$CPLCM_KEYSTORE_PW
    subj="/CN=VCPLCM, O=VMware\, Inc, c=US"
    openssl req -x509 -newkey rsa:4096 -subj "$subj" -keyout $CPLCM_CERT_DIR/tmpKey.pem -out $CPLCM_CERT_DIR/tmpCert.pem -days 365 -nodes
    openssl pkcs12 -export -out $CPLCM_CERT_DIR/vcplcm.p12 -name $key_alias -passout "pass:$keystore_password" -inkey $CPLCM_CERT_DIR/tmpKey.pem -in $CPLCM_CERT_DIR/tmpCert.pem
  2. After importing the keystore, remove the tmp key and certificate.
    rm $CPLCM_CERT_DIR/tmpKey.pem
    rm $CPLCM_CERT_DIR/tmpCert.pem