Generate Certificate Signing Request

To replace certificate, generate a certificate signing request. Get the certificate signed by certificate authority. Finally replace the certificates for VMware Skyline Health Diagnostics. You can replace the default certificates with your custom certificates.

Prerequisites

Verify that you have root credentials for the Appliance/VM where VMware Skyline Health Diagnostics is running
For more information about enabling the root user log in on Photon OS, see: https://vmware.github.io/Photon/assets/files/html/3.0/Photon_troubleshoot/permitting-root-login-with-ssh.html(This configuration is not necessary for VMware SHD Appliance as by default it is configured to allow root user logins through SSH)

Procedure

Open Appliance/VM Console where VMware Skyline Health Diagnostics is running either from vCenter Server user interface or SSH
Log in as a root user.
To navigate to the root directory, run the command cd /.
To create a directory under the root folder on a VM where VMware Skyline Health Diagnostics is installed, run the command mkdir newcert.
To change the working directory to the new directory, run cdnewcert.
To copy the configuration file to the present location, run the command cp /opt/vmware-shd/vmware-shd/conf/ssl/conf ./..
Edit the configuration as required
1. To edit the configuration file using vi editor, run command vi conf.
2. To match your organization details, edit the [ req_distinguished_name ] section.
3. Set the entries for commonName and DNS.1 to match the FQDN of the VM.
To generate a new certificate signing request run openssl req -new -config conf -newkey rsa:2048 -nodes -keyout rui.key -out rui.csr.

Key and certificate signing request (CSR) files are created in the current directory. (rui.csr, rui.key).
Use the rui.csr file for signing request from our internal/external CA.

Results

Certificate signing request is generated.

What to do next

Send the certificate signing request to your internal or external CA for signing.