To establish a trusted connection to vRealize Suite Lifecycle Manager, you replace the SSL certificate on the appliance with a custom certificate that is signed by a certificate authority available on the parent Active Directory or on the intermediate Active Directory. See Certificate Replacement guide for additional information.

About this task

Table 1. Certificate Files for vRealize Suite Lifecycle Manager

vRealize Suite Lifecycle Manager Appliance

Certificate File Name

vrs01lcm01.rainpole.local

  • vrs01lcm01.2.chain.pem

  • vrs01lcm01-orig.key

Prerequisites

  • A certificate signed by a certificate authority, generated using VMware Validated Design Certificate Generation Utility (CertGenVVD).

  • A host with an SSH terminal access software such as PuTTY and an SCP software such as WinSCP installed.

Procedure

  1. Rename the certificates generated using the VMware Validated Design Certificate Generation Utility for vrs01lcm01.rainpole.local.

    Original Certificate File Name

    New Certificate File Name

    vrs01lcm01.2.chain.pem

    server.crt

    vrs01lcm01-orig.key

    server.key

  2. Open a Secure Shell connection to the vRealize Suite Lifecycle Manager appliance
    1. Open an SSH connection to vrs01lcm01.rainpole.local.
    2. Log in using the following credentials.

      Setting

      Value

      Username

      root

      Password

      vrslcm_root_password

  3. Copy the certificate files server.crt and server.key to the /opt/vmware/vlcm/cert folder. You can use an SCP software like WinSCP on Windows.
  4. After copying the certificates, restart the vRealize Suite Lifecycle Manager services to update the appliance certificate.
    1. Restart the system services by executing the following command in the SSH session:
      systemctl restart vlcm-xserver
    2. Check the status of the system services by executing the following command in the SSH session:
      systemctl status vlcm-xserver
  5. After restarting the services, verify that the certificate is updated on the appliance.
    1. Open a browser and go to https://vrs01lcm01.rainpole.local/vrlcm.
    2. Verify that you see the new certificate in the browser.