You can configure a vRealize Log Insight server to forward incoming events to another Log Insight server via Ingestion API target with SSL.

Prerequisites

Event Forwarding with SSL does not work with the self-signed certificate installed on destination servers by default. A custom SSL certificate must be created using the steps in Generate a Certificate Signing Request and then uploaded. See Install a Custom SSL Certificate

Procedure

  1. Copy the trusted root certificate into a temporary directory on the forwarder instance. For example /home.
  2. SSH to the forwarder instance and run the following commands.
    localhost:~ # cd /usr/java/default/lib/security/
    localhost:/usr/java/default/lib/security # ../../bin/keytool
    -import -alias loginsight -file /home/cacert.crt -keystore cacerts
    

    The default keystore password is changeit.

    Note:

    Java versions might vary with time.

  3. Restart the vRealize Log Insight instance.

    If you use a vRealize Log Insight cluster environment, this operation should be performed on all nodes with the same certificate.

What to do next

Enable SSL connection. See Enforce SSL-Only Connections.