To prepare the vRealize Automation appliance for use, you configure host settings, generate an SSL certificate, and provide SSO connection information.

Procedure

  1. Open a Web browser to the vRealize Automation appliance management interface URL.

    https://vrealize-automation-appliance-FQDN:5480

  2. Continue past the certificate warning.
  3. Log in with the user name root and the password you entered when you deployed the appliance.
  4. Select vRA Settings > Host Settings.

    Option

    Action

    Resolve Automatically

    Select Resolve Automatically to specify the name of the current host for the vRealize Automation appliance.

    Update Host

    For new hosts, select Update Host. Enter the fully qualified domain name of the vRealize Automation appliance, vra-hostname.domain.name, in the Host Name text box.

    For distributed deployments that use load balancers, select Update Host. Enter the fully qualified domain name for the load balancer server, vra-loadbalancername.domain.name, in the Host Name text box.

    Note:

    Configure SSO settings as described later in this procedure whenever you use Update Host to set the host name.

  5. Select the certificate type from the Certificate Action menu.

    If you are using a PEM-encoded certificate, for example for a distributed environment, select Import.

    Certificates that you import must be trusted and must also be applicable to all instances of vRealize Automation appliance and any load balancer through the use of Subject Alternative Name (SAN) certificates.

    If you want to generate a CSR request for a new certificate that you can submit to a certificate authority, select Generate Signing Request. A CSR helps your CA create a certificate with the correct values for you to import.

    Note:

    If you use certificate chains, specify the certificates in the following order:

    1. Client/server certificate signed by the intermediate CA certificate

    2. One or more intermediate certificates

    3. A root CA certificate

    Option

    Action

    Keep Existing

    Leave the current SSL configuration. Select this option to cancel your changes.

    Generate Certificate

    1. The value displayed in the Common Name text box is the Host Name as it appears on the upper part of the page. If any additional instances of the vRealize Automation appliance available, their FQDNs are included in the SAN attribute of the certificate.

    2. Enter your organization name, such as your company name, in the Organization text box.

    3. Enter your organizational unit, such as your department name or location, in the Organizational Unit text box.

    4. Enter a two-letter ISO 3166 country code, such as US, in the Country text box.

    Generate Signing Request

    1. Select Generate Signing Request.

    2. Review the entries in the Organization, Organization Unit, Country Code, and Common Name text boxes. These entries are populated from the existing certificate. You can edit these entries if needed.

    3. Click Generate CSR to generate a certificate signing request, and then click the Download the generated CSR here link to open a dialog that enables you to save the CSR to a location where you can send it to a certificate authority.

    4. When you receive the prepared certificate, click Import and follow instructions for importing a certificate into vRealize Automation.

    Import

    1. Copy the certificate values from BEGIN PRIVATE KEY to END PRIVATE KEY, including the header and footer, and paste them in the RSA Private Key text box.

    2. Copy the certificate values from BEGIN CERTIFICATE to END CERTIFICATE, including the header and footer, and paste them in the Certificate Chain text box. For multiple certificate values, include a BEGIN CERTIFICATE header and END CERTIFICATE footer for each certificate.

      Note:

      In the case of chained certificates, additional attributes may be available.

    3. (Optional) If your certificate uses a pass phrase to encrypt the certificate key, copy the pass phrase and paste it in the Passphrase text box.

  6. Click Save Settings to save host information and SSL configuration.
  7. If required by your network or load balancer, copy the imported or newly created certificate to the virtual appliance load balancer.

    You might need to enable root SSH access in order to export the certificate.

    1. If not already logged in, log in to the vRealize Automation appliance Management Console as root.
    2. Click the Admin tab.
    3. Click the Admin sub menu.
    4. Select the SSH service enabled check box.

      Deselect the check box to disable SSH when finished.

    5. Select the Administrator SSH login check box.

      Deselect the check box to disable SSH when finished.

    6. Click Save Settings.
  8. Configure the SSO settings.
  9. Click Services.

    All services must be running before you can install a license or log in to the console. They usually start in about 10 minutes.

    Note:

    You can also log in to the appliance and run tail -f /var/log/vcac/catalina.out to monitor service startup.

  10. Enter your license information.
    1. Click vRA Settings > Licensing.
    2. Click Licensing.
    3. Enter a valid vRealize Automation license key that you downloaded when you downloaded the installation files, and click Submit Key.
    Note:

    If you experience a connection error, you might have a problem with the load balancer. Check network connectivity to the load balancer.

  11. Select whether to enable vRealize Code Stream.

    vRealize Code Stream is not supported for high-availability or production vRealize Automation deployments, and requires the vRealize Code Stream Management Pack. See Licensing vRealize Code Stream.

  12. Click Messaging. The configuration settings and status of messaging for your appliance is displayed. Do not change these settings.
  13. Click the Telemetry tab to choose whether to join the VMware Customer Experience Improvement Program (CEIP).

    Details regarding the data collected through CEIP and the purposes for which it is used by VMware are set forth at the Trust & Assurance Center at http://www.vmware.com/trustvmware/ceip.html.

    • Select Join the VMware Customer Experience Improvement Program to participate in the program.

    • Deselect Join the VMware Customer Experience Improvement Program to not participate in the program.

  14. Click Save Settings.
  15. Confirm that you can log in to vRealize Automation.
    1. Open a Web browser to the vRealize Automation product interface URL.

      https://vrealize-automation-appliance-FQDN/vcac

    2. If prompted, continue past the certificate warnings.
    3. Log in with administrator@vsphere.local and the password you specified when you configured SSO.

      The interface opens to the Tenants page on the Administration tab. A single tenant named vsphere.local appears in the list.