You can configure a vRealize Log Insight server to forward incoming events to another Log Insight server via Ingestion API target with SSL.
Event Forwarding with SSL does not work with the self-signed certificate installed on destination servers by default. A custom SSL certificate must be created using the steps in Generate a Certificate Signing Request and then uploaded. See Install a Custom SSL Certificate
- Copy the trusted root certificate into a temporary directory on the forwarder instance. For example /home.
- SSH to the forwarder instance and run the following commands.
localhost:~ # cd /usr/java/default/lib/security/ localhost:/usr/java/default/lib/security # ../../bin/keytool -import -alias loginsight -file /home/cacert.crt -keystore cacertsThe default keystore password is changeit.Note: Java versions might vary with time.
- Restart thevRealize Log Insight instance.
If you use a vRealize Log Insight cluster environment, this operation should be performed on all nodes with the same certificate.
What to do next
Enable SSL connection. See Enforce SSL-Only Connections.