After you replace the certificates on Site Recovery Manager, replace the certificates on vSphere Replication in Region A and Region B.

About this task

You can start replacing certificates on vSphere Replication in Region A sfo01m01vrms01.sfo01.rainpole.local first.

Table 1. PKCS#12 Files for vSphere Replication in Region A and Region B

vSphere Replication FQDN

PKCS#12 File Name from the CertGenVVD Tool

sfo01m01vrms01.sfo01.rainpole.local

sfo01m01vrms01.5.p12

lax01m01vrms01.lax01.rainpole.local

lax01m01vrms01.5.p12

Prerequisites

  • CA-signed certificate files generated by using VMware Validated Design Certificate Generation Utility (CertGenVVD). See the VMware Validated Design Planning and Preparation documentation.

Procedure

  1. Upload the PKCS#12 file to vSphere Replication by using the vSphere Replication appliance management interface (VAMI).
    1. Open a Web browser and go to the following URL.

      vSphere Replication

      URL

      vSphere Replication in Region A

      https://sfo01m01vrms01.sfo01.rainpole.local:5480

      vSphere Replication in Region B

      https://lax01m01vrms01.lax01.rainpole.local:5480

    2. Log in using the following credentials.

      Setting

      Value

      User name

      root

      Password

      vr_root_password

    3. On the VR tab, click the Configuration tab.
    4. Enter the password of the service account svc-vr@rainpole.local.
    5. Click Choose File next to Upload PKCS#12 (*.pfx) file and locate the lax01m01vrms01.5.p12 file on your local file system.
    6. Click the Upload and Install button and enter the certificate password when prompted. 

    After you change the SSL certificate, the vSphere Replication status changes to disconnected because the new certificate is not validated by the vSphere Replication instance in the other site.

  2. Reconnect the sites to resolve the connection issue.
    1. Open a Web browser and go to https://sfo01m01vc01.sfo01.rainpole.local/vsphere-client.
    2. Log in using the following credentials.

      Setting

      Value

      User name

      administrator@vsphere.local

      Password

      vsphere_admin_password

    3. On the vSphere Web Client Home page, click vSphere Replication.
    4. Select sfo01m01vc01.sfo01.rainpole.local, click Manage, and select Target Sites.
    5. Right-click lax01m01vc01.lax01.rainpole.local and click Reconnect site.
    6. In the Reconnect Sites dialog box, click Yes to proceed.