Generate self-signed certificates on the Mega-POP VM and establish a secure connection with the server.

Create a bash script and run the script to generate the self-signed certificates.


You must know the IP address of the Orchestrator and Mega-POP VMs.


  1. Create a bash script with the following information:
    echo "setting san with " $IP1 $IP2
    yum install java-1.8.0-openjdk-devel -y 
    mkdir -p /data/vcps/config && rm -f /data/vcps/config/cert.jks
    keytool -keystore /data/vcps/config/cert.jks -storetype JKS -storepass passwd -genkey -keyalg RSA -validity 360 -keysize 2048 -alias http -ext san=ip:$IP1,ip:$IP2 -dname "CN=*, OU=eng,, L=Palo Alto S=California C=US"
    echo 'done cert generation'
  2. Run this script at the command prompt