Update the certificate chain of vRealize Log Insight to use a trusted non-default certificate after deployment or to replace a certificate that is soon to expire. In this way, connection to the vRealize Log Insight user interface remains trusted.

Procedure

  1. Log in to the vRealize Log Insight user interface.
    1. Open a Web browser and go to https://sfo01vrli01.sfo01.rainpole.local.
    2. Log in using the following credentials.

      Setting

      Value

      User name

      admin

      Password

      vrli_admin_password

  2. In the vRealize Log Insight user interface, click the configuration drop-down menu icon  and select Administration.
  3. Under Configuration, click SSL.
  4. On the SSL Configuration page, next to New Certificate File (PEM format) click Choose File, browse to the location of the PEM file on your computer, and click Save.

    Certificate Generation Option

    Certificate File

    Using the CertGenVVD tool

    vrli-for-1-pod.2.chain.pem

    The certificate is uploaded to vRealize Log Insight. 

  5. Open a Web browser and go to https://sfo01vrli01.sfo01.rainpole.local

    A warning message that the connection is not trusted appears.

  6. To review the certificate, click the padlock  in the address bar of the browser, and verify that Subject Alternative Name contains the names of the vRealize Log Insight cluster nodes.
  7. Import the certificate in your Web browser.

    For example, in Google Chrome under the HTTPS/TLS settings click Manage certificates, and in the Certificates dialog box import vrli-chain.pem.  

    You can also use Certificate Manager on Windows or Keychain Access on MAC OS X.