You can generate a new certificate for products that are deployed in vRealize Suite Lifecycle Manager.


After an upgrade from vRealize Suite Lifecycle Manager 1.3 to 2.0, if a certificate is generated in the older version of vRealize Suite Lifecycle Manager then such certificates are not available in the latest version under the Certificates tab. However, you can add the older certificate during a scale out by click Add. This populates the older certificate data from the environment's Infrastructure properties.


  • Certificates that are less than 15 days cannot be imported.

  • To manage the certificate for an imported environment, add the certificate in the LCM and perform the replace certificate operation in the product through LCM.


  1. To add a certificate, navigate to Certificate Management > Add Certificate.
  2. You can either select Generate Certificate or Import Certificate.



    Generate Certificate

    1. Enter the required fields. See Step 3 for the field descriptions.

    2. Enter the FQDN or IP Address.

    Import Certificate

    1. Enter a valid certificate name.

    2. In the Passphrase field, type <Cert-Password>.

    3. Click Choose File and browse to the saved PEM file.

    4. When you upload a PEM file, the private key details are populated automatically.

    5. When you upload a PEM file, the certificate details are populated automatically.

  3. To generate a CSR, click GENERATE CSR.

    Enter the required details.



    Certificate Name

    Enter a valid certificate name.

    Common Name

    Enter a common name to identify the certificate.


    Enter the Organization name.

    Organizational Unit

    Enter the Organization Unit.

    Country Code

    Enter a country code which should in two characters only.


    Enter your locality.


    Enter the State.

    Key length

    Select the length of the key. You can select 2048 or 4096 bits.

    Domain Name

    Enter a valid domain name.

    IP Address

    Enter the IP address in which you are assigning the certificate.

  4. Click Generate.

    Generate CSR downloads a PEM file. This file can be taken to the certificate authority for signing and can be made as a trusted certificate. You can use the CSR option to sign the certificate authority to make it as a trusted certificate after you download the PEM file.

  5. You can click the certificate from the inventory to view the details and its associated environments with their products.
  6. While you are creating an environment, you can toggle the Provide Product Specific Certificate to add certificate under the Certificate tab.

    You can also view the associated components that are available for a vRealize Automation instance.

    Enabling the Product Specific Certificate allows you to specify the certificates at the product level but not at the environment level.


vRealize Suite Lifecycle Manager generates a new certificate for the specific domain provided by the user.