Generate Manually Key Pairs and Certificate Signing Requests for the Cloud Management Platform in Region A
vRealize Automation, vRealize Orchestrator and vRealize Business use SSL certificates for secure communication.
Before you begin
Download the vRealize Certificate Generation tool from VMware Knowledge Base article 2107816.
About this task
Repeat this procedure three times, once for vRealize Automation, vRealize Orchestrator and vRealize Business. You place the CSR and key files of each product in a dedicated folder on the Windows host that you use to access the data center.
Product | Folder |
---|---|
vRealize Automation | C:\manual-certs\vRA\ |
vRealize Orchestrator | C:\manual-certs\vRO\ |
vRealize Business | C:\manual-certs\vRB\ |
Procedure
Prepare the vRealize Certificate Generation Tool.
- Log in to the machine that you set up for certificate generation.
- Download the vRealize Certificate Generation Tool and extract the downloaded vRealize Certificate Generation Tool .zip file.
- Copy the certgen.sh file and place it in the /tmp directory.
Change the certgen.sh permissions to execute by using the chmod u+x certgen.sh command.
{#GUID-6BFE3F81-7572-4771-991D-F720BB3B57A7__codeblock_576AC9875BA34A7A87C2E4DEC18C8522 .pre .codeblock} chmod u+x certgen.sh
Run the vRealize Certificate Generation Tool.
Run the certgen.sh script.
{#GUID-6BFE3F81-7572-4771-991D-F720BB3B57A7__codeblock_8E5C2DC6947B4C4486501A9A7F424B59 .pre .codeblock} ./certgen.sh
Enter the following values when prompted.
Prompt
Value
Enter Organization
Rainpole
Enter Organizational Unit
Engineering
Enter Locality/Town
San Francisco
Enter State/Country
CA
Enter Country Code
US
Enter all of the host names for the solution for which you are generating certificates.
Product
Host Names for CSR Generation
vRealize Automation
vra01svr01.rainpole.local
vra01svr01a.rainpole.local
vra01svr01b.rainpole.local
vra01iws01.rainpole.local
vra01iws01a.rainpole.local
vra01iws01b.rainpole.local
vra01ims01.rainpole.local
vra01ims01a.rainpole.local
vra01ims01b.rainpole.local
vRealize Orchestrator
vra01vro01.rainpole.local
vra01vro01a.rainpole.local
vra01vro01b.rainpole.local
vRealize Business
vra01bus01.rainpole.local
When prompted to Enter domain name, enter rainpole.local.
The vRealize Certificate Generation Tool generates a vrealize.csr file in the /tmp directory.
Using scp, Filezilla or Winscp, copy the vrealize.csr and vrealize.key files from the Linux host to the C:\manual-certs\vRA directory on the Windows host.
- Rename vrealize.csr and vrealize.key to vra.csr and vra.key respectively.
- Repeat the procedure for vRealize Orchestrator and vRealize Business.
Parent topic: Generate Manually Key Pairs and Certificate Signing Requests for the Management Components in Region A