To prepare the vRealize Appliance for use, a system administrator configures the host settings, generates an SSL certificate, and provides SSO connection information.

Procedure

  1. Navigate to the vRealize Appliance management console by using its fully qualified domain name, https://vcac-va-hostname.domain.name:5480/.
  2. Continue past the certificate warning.
  3. Log in with user name root and the password you specified when you deployed vRealize Appliance.
  4. Select vRA Settings > Host Settings and select Resolve Automatically to view the name of the currently specified host.
  5. (Optional) : If you want to change the host name, select Update Host and enter the fully qualified domain name, vra-hostname.domain.name, of the vRealize Appliance in the Host Name text box. If you are using a load balancer, enter the fully qualified domain name for the load balancer server.
  6. Go to the SSL Configuration panel.
  7. Select the certificate type from the Certificate Action menu. If you are using a PEM encoded certificate, for example for a distributed environment, select Import.

    Certificates that you import must be trusted and must also be applicable to all instances of vRealize Appliance and any load balancer through the use of Subject Alternative Name (SAN) certificates.

    Note:

    If you use certificate chains, specify the certificates in the following order:

    • Client/server certificate signed by the intermediate CA certificate

    • One or more intermediate certificates

    • A root CA certificate

    Option

    Action

    Import

    1. Copy the certificate values from BEGIN PRIVATE KEY to END PRIVATE KEY, including the header and footer, and paste them in the RSA Private Key text box.

    2. Copy the certificate values from BEGIN CERTIFICATE to END CERTIFICATE, including the header and footer, and paste them in the Certificate Chain text box. For multiple certificate values, include a BEGIN CERTIFICATE header and END CERTIFICATE footer for each certificate.

    3. (Optional) If your certificate uses a pass phrase to encrypt the certificate key, copy the pass phrase and paste it in the Pass Phrase text box.

    Generate Certificate

    1. Type a common name for the self-signed certificate in the Common Name text box. You can use the fully qualified domain name of the virtual appliance (hostname.domain.name) or a wild card, such as *.mycompany.com. If you use a load balancer, you need to specify the FQDN of the load balancer or a wildcard that matches the name of the load balancer. Do not accept a default value if one is shown, unless it matches the host name of the virtual appliance.

    2. Type your organization name, such as your company name, in the Organization text box.

    3. Type your organizational unit, such as your department name or location, in the Organizational Unit text box.

    4. Type a two-letter ISO 3166 country code, such as US, in the Country text box.

    Keep Existing

    Leave the current SSL configuration. Select this option to preserve your settings.

  8. Click Save Settings to save host information and SSL configuration.
  9. Configure the SSO settings that the vRealize Appliance uses to interact with the Identity Appliance. These settings must match the settings you entered when configuring the Identity Appliance.
    1. Click SSO.
    2. Type the fully qualified domain name of the Identity Appliance, identity-va-hostname.domain.name in the SSO Host text box. Do not use an https:// prefix.

      For example, vcac-sso.mycompany.com.

    3. The default port number, 7444, is displayed in the SSO Port text box. Edit this value if you are using a non-default port.
    4. Do not modify the default tenant name, vsphere.local, in the SSO Default Tenant text box.
    5. Type the default administrator name administrator@vsphere.local in the SSO Admin User text box.
    6. Type the SSO administrator password in the SSO Admin Password text box. The password must match the password you specified in the SSO settings for the Identity Appliance.
    7. Click Save Settings.

      After a few minutes, a success message appears and SSO Status is updated to Connected.

    8. (Optional) : Select Apply Branding to apply vRealize Automation branding to your installation.

      Use this option if you are installing from vCenter and want to use vRealize Automation instead of vCenter branding.

    9. (Optional) : If the spinner does not stop within a few minutes, exit the appliance, close the browser, and log in again.
  10. If you plan to deploy your PostgreSQL database on a standalone host, specify the database information.
    1. Click Database.
    2. Specify the host, port, database name (the default is vcac), and the database authentication information for the PostgreSQL database.
    3. Click Save Settings.
  11. If you see the message Error restarting VCAC server after you click Save Settings, ignore the message and continue with the next step.
  12. Click Messaging. The configuration settings and status of messaging for your appliance is displayed. Do not change these settings.
  13. Click the Telemetry tab.

    You can choose to participate in the Customer Experience Improvement Program. You can unsubscribe from the program at any time.

    • Select Enable to activate the Program.

    • Deselect Enable to unsubscribe from the Program.

    When you enable the Program, vRealize Automation attempts to establish a connection to https://vmware.com and to automatically discover any proxy server you might have configured for your vRealize Automation deployment.

  14. Click Services.

    The following services must be running before you can log in to the console. Depending on your site configuration, this can take about 10 minutes.

    • authorization

    • authentication

    • eventlog-service

    • shell-ui-app

    • branding-service

    • plugin-service

    Note:

    You can log in to the appliance and run tail -f /var/log/vcac/catalina.out to monitor startup of the services.

  15. Configure the license to enable the Infrastructure tab on the vRealize Automation console.
    1. Click vRA Settings > Licensing.
    2. Click Licensing.
    3. Type a valid vRealize Automation license key that you downloaded when you downloaded the installation files, and click Submit Key.
    Note:

    If you experience a connection error, you might have a problem with the load balancer. Check network connectivity to the load balancer.

  16. Confirm that you can log in to the vRealize Automation console.
    1. Open a browser and navigate to https://vcac-hostname.domain.name/vcac.
    2. Accept the vRealize Automation certificate.
    3. Accept the SSO certificate.
    4. Log in with administrator@vsphere.local and the password you specified when you configured SSO.

      The console opens to the Tenants page on the Administration tab. A single tenant named vsphere.local appears in the list.

Results

You have finished the deployment and configuration of your vRealize Appliance. If the appliance does not function correctly after configuration, redeploy and reconfigure the appliance. Do not make changes to the existing appliance.