Update Event Forwarding in Region B

After you replace the certificate of vRealize Log Insight in Region A, you update log forwarding from vRealize Log Insight in Region B to vRealize Log Insight in Region A.

Procedure

  1. Copy the certificate PEM file for vRealize Log Insight in Region A to the root directory of vrli-mstr-01.sfo01.rainpole.local.

    1. Use the scp command, FileZilla, or WinSCP to connect to vrli-mstr-01.sfo01.rainpole.local

    2. Log in using the following credentials.

      |Setting|Value| |:------|:----| |user name|root| |Password|vrli_regionA_root_password|

    3. Navigate to the \root directory on vrli-mstr-01.sfo01.rainpole.local.

    4. Copy the certificate PEM file vrli.sfo01.2.chain.pem on your computer to the \root directory on the master node. Overwrite any existing file with the same name.

  2. Import the root certificate in the Java keystore on each vRealize Log Insight node in Region B.

    1. Open an SSH session and go to the vRealize Log Insight node. |Name|Role| |:---|:---| |vrli-mstr-51.lax01.rainpole.local|Master node| |vrli-wrkr-51.lax01.rainpole.local|Worker node 1| |vrli-wrkr-52.lax01.rainpole.local|Worker node 2|

    2. Log in using the following credentials. |Name|Role| |:---|:---| |User name|root| |Password|vrli_regionB_root_password|

    3. Using scp, remotely copy the the SSL certificate from the master node in Region A.

      {#GUID-995B3186-69CE-4187-8065-21741387D7D0__codeblock_06096AB1DDE3486587302CB09637FFD0 .pre .codeblock} scp [email protected]:/root/vrli.sfo01.2.chain.pem /root/vrli.sfo01.2.chain.pem

    4. When prompted to accept the certificate, type yes.

    5. When prompted for the root password, type the following

      |Setting|Value| |:------|:----| |User name|root| |Password|vrli_regionA_root_password|

    6. Convert the vrli.sfo01.2.chain.pem file into a vrli.sfo01.2.chain.crt file:

      {#GUID-995B3186-69CE-4187-8065-21741387D7D0__codeblock_5B0197B5A9E9495FA20270E1C19E606F .pre .codeblock} openssl x509 -in /root/vrli.sfo01.2.chain.pem -inform PEM -out /root/vrli.sfo01.2.chain.crt

    7. Import the vrli.sfo01.2.chain.crt in the Java keystore of the vRealize Log Insight node.

      ``` {#GUID-995B3186-69CE-4187-8065-21741387D7D0__codeblock_7D0A4F511CC04774B2909BCAD54EFD6A .pre .codeblock} cd /usr/java/default/lib/security/

      ../../bin/keytool -import -alias loginsight -file /root/vrli.sfo01.2.chain.crt -keystore cacerts ```

    8. When prompted for a keystore password, type changeit.

    9. When prompted to accept the certificate, type yes.
    10. Repeat this operation on all vRealize Log Insight nodes and restart them.

  3. Log in to the vRealize Log Insight user interface.

    1. Open a Web browser and go to https://vrli-cluster-51.lax01.rainpole.local.
    2. Log in using the following credentials. |Setting|Value| |:------|:----| |User name|admin| |Password|vrli_admin_password|

  4. In the vRealize Log Insight user interface, click the configuration drop-down menu icon and select Administration.

  5. Under Management, click Event Forwarding.
  6. On the Event Forwarding page, select LAX01 to SFO01 and click the Edit icon.
  7. In the Edit Destination dialog box, click Test to verify that the connection settings are correct.
  8. Click Save to save the forwarding new destination.

Parent topic: Replace Certificates of the Operations Management Components in Region A

Previous topic: Replace the Certificate of vRealize Log Insight in Region A

results matching ""

    No results matching ""