You can replace the default self-signed certificate with custom certificate to meet the organization security compliance guidelines.
Verify that you have root credentials for the Appliance/VM where VMware Skyline Health Diagnostics is running
Verify that you have the signed SSL Certificate with the CSR generated in the previous section.
For more information about enabling the root user log in on Photon OS, see https://vmware.github.io/Photon/assets/files/html/3.0/Photon_troubleshoot/permitting-root-login-with-ssh.html(This configuration is not necessary for VMware SHD Appliance as by default it is configured to allow root user logins through SSH)
- SSH to the Appliance/VM where VMware Skyline Health Diagnostics running.
- Log in as a
- To change the working directory to the directory you created during generating this CSR stage, run the
cdcommand. For example,
- To create a new file by name
vieditor, run command virui.crt.
- To copy the content of CA signature that you received from your CA authority, open the CA signed certificate on your desktop using any text editor and copy the content.
- To paste the content to
Ito enable insert mode.
You must see -- INSERT -- in the bottom of the screen pressing the insert mode.
- Right-click to paste the copied certificate details.
- If your CA provides any intermediate certificates, make sure you paste them following the actual certificate.
- Save the file by pressing the following sequence
- Copy the previously generated key and certificate files to the location where default certificates are saved.
cp rui.crt rui.key /opt/vmware-shd/vmware-shd/conf/ssl/
- Restart the web server by running systemctlrestart nginx.
- Log in to the UI using browser and verify that the new certificates are in use.
The web server runs with customer certificates.
What to do next
You see that the services are not available, you can revert to self-signed certificate following the procedure in Reverting to Self-Signed Certificate.