Generate Manually Key Pairs and Certificate Signing Requests for the Cloud Management Platform in Region A

vRealize Automation, vRealize Orchestrator and vRealize Business use SSL certificates for secure communication.

Before you begin

Download the vRealize Certificate Generation tool from VMware Knowledge Base article 2107816.

About this task

Repeat this procedure three times, once for vRealize Automation, vRealize Orchestrator and vRealize Business. You place the CSR and key files of each product in a dedicated folder on the Windows host that you use to access the data center.

Product Folder
vRealize Automation C:\manual-certs\vRA\
vRealize Orchestrator C:\manual-certs\vRO\
vRealize Business C:\manual-certs\vRB\

Procedure

  1. Prepare the vRealize Certificate Generation Tool.

    1. Log in to the machine that you set up for certificate generation.
    2. Download the vRealize Certificate Generation Tool and extract the downloaded vRealize Certificate Generation Tool .zip file.
    3. Copy the certgen.sh file and place it in the /tmp directory.
    4. Change the certgen.sh permissions to execute by using the chmod u+x certgen.sh command.

      {#GUID-6BFE3F81-7572-4771-991D-F720BB3B57A7__codeblock_576AC9875BA34A7A87C2E4DEC18C8522 .pre .codeblock} chmod u+x certgen.sh

  2. Run the vRealize Certificate Generation Tool.

    1. Run the certgen.sh script.

      {#GUID-6BFE3F81-7572-4771-991D-F720BB3B57A7__codeblock_8E5C2DC6947B4C4486501A9A7F424B59 .pre .codeblock} ./certgen.sh

    2. Enter the following values when prompted.

      Prompt

      Value

      Enter Organization

      Rainpole

      Enter Organizational Unit

      Engineering

      Enter Locality/Town

      San Francisco

      Enter State/Country

      CA

      Enter Country Code

      US

    3. Enter all of the host names for the solution for which you are generating certificates.

      Product

      Host Names for CSR Generation

      vRealize Automation

      vra01svr01.rainpole.local

      vra01svr01a.rainpole.local

      vra01svr01b.rainpole.local

      vra01iws01.rainpole.local

      vra01iws01a.rainpole.local

      vra01iws01b.rainpole.local

      vra01ims01.rainpole.local

      vra01ims01a.rainpole.local

      vra01ims01b.rainpole.local

      vRealize Orchestrator

      vra01vro01.rainpole.local

      vra01vro01a.rainpole.local

      vra01vro01b.rainpole.local

      vRealize Business

      vra01bus01.rainpole.local

    4. When prompted to Enter domain name, enter rainpole.local.

      The vRealize Certificate Generation Tool generates a vrealize.csr file in the /tmp directory.

  3. Using scp, Filezilla or Winscp, copy the vrealize.csr and vrealize.key files from the Linux host to the C:\manual-certs\vRA directory on the Windows host.

  4. Rename vrealize.csr and vrealize.key to vra.csr and vra.key respectively.
  5. Repeat the procedure for vRealize Orchestrator and vRealize Business.

Parent topic: Generate Manually Key Pairs and Certificate Signing Requests for the Management Components in Region A

results matching ""

    No results matching ""