You can generate a new certificate for products that are deployed in vRealize Suite Lifecycle Manager.

Note: For migration from vRealize Suite Lifecycle Manager 1.3 and earlier, the global certificate will not be migrated to locker automatically. However, you can add the older certificate manually in Locker, if required. This populates the older certificate data from the environment's Infrastructure properties.

Prerequisites

  • Certificates that are about to expire in less than 15 days cannot be imported.
  • To manage the certificate for an imported environment, add the certificate in the vRealize Suite Lifecycle Manager and perform inventory sync so that the certificate is mapped to the imported environment, after which replace certificate and scale-out wizards will be aware of the existing certificate.

Procedure

  1. To add a certificate, navigate to Lifecycle Manager > Locker.
  2. You can either select Generate Certificate or Import Certificate.
    Option Description
    Generate CSR
    1. Enter the required text boxes. See Step 3 for the text box descriptions.
    2. Enter the FQDN or IP Address.
    Note: Generate CSR downloads a PEM file. This file can be taken to the certificate authority for signing and can be made as a trusted certificate. You can use the CSR option to sign the certificate authority to make it as a trusted certificate after you download the PEM file.
    Import Certificate
    1. Enter a valid certificate name.
    2. In the Passphrase text box, type <Cert-Password> (if applicable).
    3. Click Browse File and browse to the saved PEM file.
    4. When you upload a PEM file, the private key and certificate chain details are populated automatically.
    5. Enter the private key and certificate chain details manually.
    6. Click Import.
    The requirements for PEM file are:
    • Both certificate chain and key must be in the same file.
    • The PEM file that are imported can have 2048 bits key or 4096 bits key.
    • If the PEM file certificate is encrypted then the passphrase must be provided while importing the certificate into vRealize Suite Lifecycle Manager.
    Generate
    1. Enter the required text boxes.
    2. Select the length of the key.
    3. Enter a valid domain name.
    4. Enter the IP address in which you are assigning the certificate.
  3. Click Generate.
  4. You can click the certificate from the inventory to view the details and its associated environments with their products.
  5. To download or replace the certificate, click the vertical ellipses on the certificate.

Results

vRealize Suite Lifecycle Manager generates a new certificate for the specific domain provided by the user.