You can replace the default self-signed certificate with custom certificate signed by your certificate authority.

Prerequisites

  1. Verify that you have root credentials for the VMware Skyline Health Diagnostics appliance.

  2. Verify that you have the signed SSL Certificate with the CSR generated in the previous section.

Procedure

  1. Open the appliance console using SSH.
  2. Log in as a root user.
  3. To change the working directory to the directory you created during generating this CSR stage, run the cd command. For example, cd newcert.
  4. To create a new file by name rui.crt using vi editor, run command virui.crt.
  5. To copy the content of CA signature that you received from your CA authority, open the CA signed certificate on your desktop using any text editor and copy the content.
  6. To paste the content to rui.crt file using vi editor, press I to enable insert mode.

    You must see -- INSERT -- in the bottom of the screen pressing the insert mode.

  7. Right-click to paste the copied certificate details.
    1. If your CA provides any intermediate certificates, make sure you paste them following the actual certificate.
  8. Save the file by pressing the following sequence Esc:wq.
  9. Copy the previously generated key and certificate files to the location where default certificate is located.
    1. cp rui.crt rui.key /opt/vmware-shd/vmware-shd/conf/ssl/
  10. Restart the web server by running systemctlrestart nginx.
  11. Log in to the user interface using browser and verify that the new certificate is used.

Results

The Web server runs with customer certificates.

What to do next

If the VMware Skyline Health Diagnostics user interface is not available, you can revert to self-signed certificate following the procedure in Reverting to Self-Signed Certificate.