vRealize Code Stream uses SSL certificates for secure communication among instances of the vRealize Code Stream. You can obtain certificates from an internal or external certificate authority, or generate self-signed certificates during the deployment process for each component.
For important information about troubleshooting, supportability, and trust requirements for certificates, see the VMware knowledge base article at http://kb.vmware.com/kb/2106583.
You can update or replace certificates after deployment. For example, a certificate may expire or you may choose to use self-signed certificates during your initial deployment, but then obtain certificates from a trusted authority before going live with your vRealize Code Stream implementation. When you do a minimal deployment, you can generate a self-signed certificate during vRealize Code StreamAppliance configuration.
If you use certificate chains, specify the certificates in the following order:
Client/server certificate signed by the intermediate CA certificate
One or more intermediate certificates
A root CA certificate
Include the BEGIN CERTIFICATE header and END CERTIFICATE footer for each certificate when you import certificates.