Create Self-Signed Certificates on the Mega-POP VM

Generate self-signed certificates on the Mega-POP VM and establish a secure connection with the server.

Create a bash script and run the script to generate the self-signed certificates.

Prerequisites

You must know the IP address of the Orchestrator and Mega-POP VMs.

Procedure

Create a bash script cert-gen.sh with the following information:

#!/bin/bash
   
IP1=$1
IP2=$2
   
echo "setting san with " $IP1 $IP2

yum install java-1.8.0-openjdk-devel -y 
mkdir -p /data/vcps/config && rm -f /data/vcps/config/cert.jks
keytool -keystore /data/vcps/config/cert.jks -storetype JKS -storepass passwd -genkey -keyalg RSA -validity 360 -keysize 2048 -alias http -ext san=ip:$IP1,ip:$IP2 -dname "CN=*.eng.vmware.com, OU=eng, O=vmware.com, L=Palo Alto S=California C=US"
 
echo 'done cert generation'

Run this script at the command prompt
./certgen.sh $ORCH_IP $MEGAPOP_IP