To establish a trusted connection to the user Skyline Collector user interface in Region B, you replace the SSL certificate for the Skyline Collector application with a custom certificate. The custom certificate is signed by the certificate authority available on the parent Active Directory or on the intermediate Active Directory.

Procedure

  1. On the Windows machine that you use to generate certificates, in the C:\CertGenVVD-version\SignedByMSCACerts folder, duplicate the files generated by using the VMware Validated Design Certificate Generation Utility under new file names.
    File Type Original File Name New File Name
    Certificate lax01sky01.2.chain.pem server.pem
  2. Log in to the Skyline Collector virtual appliance by using a Secure Shell (SSH) client.
    1. Open an SSH connection to lax01sky01.lax01.rainpole.local.
    2. Log in by using the following credentials.
      Setting Value
      User name root
      Password skyline_root_password
  3. By using SCP software such as WinSCP, copy and overwrite the existing server.pem file in the /opt/vmware/etc/lighttpd/ directory on the appliance with the generated CA-signed certificate file.
  4. Restart the VAMI service by running the following command.
    /etc/init.d/vami-lighttp restart
  5. After restarting the service, verify that the certificate is updated on the Skyline Collector user interface.
    1. Close any open Web browser windows.
    2. Open a Web browser window and go to https://lax01sky01.lax01.rainpole.local.
    3. Verify that you see the new certificate in the Web browser.