If you use the custom certificate for vRealize Suite Lifecycle Manager instead of default self-signed certificate, you replace the vRealize Suite Lifecycle Manager certificate.

Prerequisites

  • A X509 PEM base-64 encoded certificate and private key. Make sure the private key is not encrypted.
  • A machine with an SSH access to vRealize Suite Lifecycle Manager, and software such as PuTTY and an SCP software such as WinSCP installed on it.

Procedure

  1. Rename the certificate to server.crt and private key to server.key.
  2. Open a Secure Shell connection vRealize Suite Lifecycle Manager appliance as root user.
  3. Copy the certificate files server.crt and server.key to the /opt/vmware/vlcm/cert folder. You can use an SCP software like WinSCP on Windows. Make sure to backup the original files before copying.
  4. After copying the certificates, restart the vRealize Suite Lifecycle Manager proxy services to update the appliance certificate.
    1. Restart the system services by executing the following command in the SSH session: systemctl restart nginx.
    2. Check the status of the system services by executing the following command in the SSH session: systemctl status nginx.
  5. After restarting the services, verify that the certificate is updated on the appliance, open a browser and go to https://<lcm-server-host>.
  6. Verify that you see the new certificate in the browser.