After you replace the certificate of vRealize Log Insight in Region B, you update log forwarding from vRealize Log Insight in Region A to vRealize Log Insight in Region B.
Procedure
- Copy the certificate PEM file for vRealize Log Insight in Region B to the root directory of vrli-mstr-51.lax01.rainpole.local
- Use the scp command, FileZilla, or WinSCP to connect to vrli-mstr-51.lax01.rainpole.local
- Log in using the following credentials.
Setting |
Value |
user name |
root |
Password |
vrli_regionB_root_password |
- Navigate to the \root directory on vrli-mstr-51.lax01.rainpole.local
- Copy the certificate PEM file vrli.lax01.2.chain.pem from your computer to the \root directory on the master node. Overwrite any existing file with the same name.
- Import the root certificate in the Java keystore on each vRealize Log Insight node in Region A.
- Open an SSH session to the vRealize Log Insight node.
Name |
Role |
vrli-mstr-01.sfo01.rainpole.local |
Master node |
vrli-wrkr-01.sfo01.rainpole.local |
Worker node 1 |
vrli-wrkr-02.sfo01.rainpole.local |
Worker node 2 |
- Log in using the following credentials.
Setting |
Value |
User name |
root |
Password |
vrli_regionA_root_password |
- By using scp copy the SSL certificate from the master node of vRealize Log Insight in Region B.
scp root@vrli-mstr-51.lax01.rainpole.local:/root/vrli.lax01.2.chain.pem /root/vrli.lax01.2.chain.pem
- When prompted to accept the certificate, type yes
- When prompted for the root password, use the following credentials.
Setting |
Value |
User name |
root |
Password |
vrli_regionB_root_password |
- Convert the vrli.lax01.2.chain.pem file to a vrli.lax01.2.chain.crt file.
openssl x509 -in /root/vrli.lax01.2.chain.pem -inform PEM -out /root/vrli.lax01.2.chain.crt
- Import the vrli.lax01.2.chain.crt in the Java keystore of the vRealize Log Insight node:
cd /usr/java/default/lib/security/
../../bin/keytool -import -alias loginsight -file /root/vrli.lax01.2.chain.crt -keystore cacerts
- When prompted for a keystore password, type changeit
- When prompted to accept the certificate, type yes
- Repeat this operation on all vRealize Log Insight nodes in Region A and restart them.
- Log in to the vRealize Log Insight user interface.
- Open a Web browser and go to https://vrli-cluster-01.sfo01.rainpole.local.
- Log in using the following credentials.
Setting |
Value |
User name |
admin |
Password |
vrli_admin_password |
- In the vRealize Log Insight user interface, click the configuration drop-down menu icon
and select Administration.
- Under Management, click Event Forwarding.
- On the Event Forwarding page, select SFO01 to LAX01 and select the Edit icon.
- In the Edit Destination dialog box, click Test to verify that the connection settings are correct.
- Click Save to save the forwarding new destination.