You can replace your existing certificates for products within the vRealize Suite Lifecycle Manager.

For replacing a vRealize Suite Lifecycle Manager VAMI/VA certificate, see Replace Certificate for vRealize Suite Lifecycle Manager. For re-trust of Identity Manager, see Day 2 Operations with Other Products In vRealize Suite Lifecycle Manager.


Verify that a product has an existing certificate. You can either create or import a certificate in the locker. For information on creating certificates, see Configure Certificate Within Locker.


  1. From the Environment page, select a product card and click on the vertical ellipses.
  2. Click Replace Certificate.
  3. From the Current Certificate, click Next.
  4. Select a Certificate from the drop-down menu and click Next.
  5. Select a certificate and review the certificate summary, and click Next.
  6. To replace a VMware Identity Manager certificate, you must re-trust the products that are already configured. Select the product instance here and click Next.
    By default, all the products are listed under the Re-Trust Product Certificate wizard.
  7. (Optional) Enable the Opt-in for Snapshot checkbox.
    Note: This options enables you to take snapshots for products which do not have certificate rollback built-in. You can use this option to revert the snapshot in case of a failure to replace a certificate. And this is only applicable for vRealize Business for Cloud, VMware Identity Manager, and vRealize Network Insight.

    If the replace certificate request has failed and you have selected to take a snapshot, then you can set the revertToSnapshot flag to true and then submit the failed request to rollback the operaton.

  8. To validate the certificate information, click RUN PRECHECK and click Finish.
  9. Click Accept and Submit.