You can generate a new certificate for products that are deployed in vRealize Suite Lifecycle Manager.

Note: After an upgrade from vRealize Suite Lifecycle Manager 1.3 to 2.0, if a certificate is generated in the older version of vRealize Suite Lifecycle Manager then such certificates are not available in the latest version under the Certificates tab. However, you can add the older certificate during a scale out by click Add. This populates the older certificate data from the environment's Infrastructure properties.

Prerequisites

  • Certificates that are less than 15 days cannot be imported.
  • To manage the certificate for an imported environment, add the certificate in the LCM and perform the replace certificate operation in the product through LCM.

Procedure

  1. To add a certificate, navigate to Certificate Management > Add Certificate.
  2. You can either select Generate Certificate or Import Certificate.
    Option Description
    Generate Certificate
    1. Enter the required fields. See Step 3 for the field descriptions.
    2. Enter the FQDN or IP Address.
    Import Certificate
    1. Enter a valid certificate name.
    2. In the Passphrase field, type <Cert-Password>.
    3. Click Choose File and browse to the saved PEM file.
    4. When you upload a PEM file, the private key details are populated automatically.
    5. When you upload a PEM file, the certificate details are populated automatically.
  3. To generate a CSR, click GENERATE CSR.
    Enter the required details.
    Fields Description
    Certificate Name Enter a valid certificate name.
    Common Name Enter a common name to identify the certificate.
    Organization Enter the Organization name.
    Organizational Unit Enter the Organization Unit.
    Country Code Enter a country code which should in two characters only.
    Locality Enter your locality.
    State Enter the State.
    Key length Select the length of the key. You can select 2048 or 4096 bits.
    Domain Name Enter a valid domain name.
    IP Address Enter the IP address in which you are assigning the certificate.
  4. Click Generate.
    Generate CSR downloads a PEM file. This file can be taken to the certificate authority for signing and can be made as a trusted certificate. You can use the CSR option to sign the certificate authority to make it as a trusted certificate after you download the PEM file.
  5. You can click the certificate from the inventory to view the details and its associated environments with their products.
  6. While you are creating an environment, you can toggle the Provide Product Specific Certificate to add certificate under the Certificate tab.
    Note: You can also view the associated components that are available for a vRealize Automation instance.
    Enabling the Product Specific Certificate allows you to specify the certificates at the product level but not at the environment level.

Results

vRealize Suite Lifecycle Manager generates a new certificate for the specific domain provided by the user.