vRealize Code Stream uses SSL certificates for secure communication among instances of the vRealize Code Stream. You can obtain certificates from an internal or external certificate authority, or generate self-signed certificates during the deployment process for each component.

For important information about troubleshooting, supportability, and trust requirements for certificates, see the VMware knowledge base article at http://kb.vmware.com/kb/2106583.

You can update or replace certificates after deployment. For example, a certificate may expire or you may choose to use self-signed certificates during your initial deployment, but then obtain certificates from a trusted authority before going live with your vRealize Code Stream implementation. When you do a minimal deployment, you can generate a self-signed certificate during vRealize Code StreamAppliance configuration.

Certificate Chains

If you use certificate chains, specify the certificates in the following order:

  • Client/server certificate signed by the intermediate CA certificate

  • One or more intermediate certificates

  • A root CA certificate

Include the BEGIN CERTIFICATE header and END CERTIFICATE footer for each certificate when you import certificates.