(Enterprise Deployments Only) On the Manager Service Certificate page, you create or select the authentication certificate that the vRealize Automation IaaS Manager Service host uses. The other IaaS Windows servers connect to the Manager Service host and need to authenticate and trust it.

This page appears only when you host the Manager Service on a separate machine from the IaaS Web server. When they are hosted on the same machine, the Web certificate provides authentication for both roles.



Certificate Action

Keep Existing

Use the certificate already on this IaaS Manager Service host. Verify the details in the entries below, such as the serial number and fingerprint.

Generate Certificate

Use the wizard to generate an IaaS Manager Service host self-signed certificate.

Generate Signing Request

Create a certificate signing request (CSR) file for your certificate authority (CA). A CSR helps your CA create a certificate with the correct values for you to import.

  1. Enter Organization, Organizational Unit, and Country Code (see below).

  2. Click Generate Signing Request.

  3. To download the CSR file for your CA, click the link that appears.


Identify a PEM format certificate file, have the wizard add it to the correct store, and load it for use by vRealize Automation.

Unless you are importing a certificate created from your CSR, this option requires you to enter the certificate private key, private key passphrase (if any), and certificate chain.

When importing a CA-provided PEM that was created from your CSR, leave the private key and passphrase blank.

Provide Certificate Thumbprint

Load a certificate that you already added to the correct store.

Common Name

The FQDN of the IaaS Manager Service host.

In high-availability enterprise deployments with a load balancer in front of multiple Manager Service hosts, this entry is the load balancer FQDN instead.


Enter text to represent your larger department or business unit.

Organizational Unit

Enter text to represent your smaller department or workgroup.

Country Code

Enter an abbreviation for your country of operation.


Unique alphanumeric identifier


Unique alphanumeric string used for identifying a certificate or comparing one against another

Valid Since

Timestamp after which the certificate can be used

Valid To

Timestamp after which the certificate can no longer be used