You can replace the SSL certificate of the management site service if your certificate expires or if you are using a self-signed certificate and your company security policy requires you to use its SSL certificates. You secure the management site service on port 5480.
Procedure
- Log in by using the appliance console or SSH.
- Back up your current certificate file.
cp /opt/vmware/etc/lighttpd/server.pem /opt/vmware/etc/lighttpd/server.pem-bak
- Copy the new certificate to your appliance by replacing the content of the file
/opt/vmware/etc/lighttpd/server.pem
with the new certificate information.
- Run the following command to restart the lighttpd server.
service vami-lighttp restart
- Run the following command to restart the haproxy service.
- Log in to the management console and validate that the certificate is replaced. You might need to restart your browser.
Note: By default,
vRealize Log Insight installs a self-signed SSL certificate on the virtual appliance.
vRealize Suite Lifecycle Manager generates custom certificates for products during environment creation, but custom certificate generation fails for
vRealize Log Insight. For more information, see KB article
55705.