When I was playing around with the new released vRealize Suite Lifecycle Manager 1.2, I discovered that during the .ovf deployment there was no option to use a signed certificate.
This article describes how to replace the self signed certificate for a signed certificate on the vLCM appliance.
1. Deploy the vLCM 1.2 appliance using the ova file. (I used VMware-vLCM-Appliance-18.104.22.168-8234885_OVF10.ova)
2. Check the self signed certificate in the web browser when accessing the vLCM home page. It should look like the following picture.
3. You can find this self signed certificate with it’s private key on the vLCM appliance on the following location /opt/vmware/vlcm/cert. The files are called server.crt and server.key.
4. Make a backup of these files. (I renamed them to server.crt.bck and server.key.bck)
5. Generate your signed certificate and upload the signed certificate with it’s private key to the vLCM appliance on the same location as where you found the self signed certificate. See picture below.
6. Now restart the service vlcm-xserver by using the command systemctl restart vlcm-xserver.
7. Next check for the status of the vlcm-xserver service by using the command systemctl status vlcm-xserver. It will tell you if the service is active or not.
8. Finally check again for the certificate in the web browser when accessing the vLCM home page. Now it should use your signed certificate. Just like the picture below.
So that’s all. Pretty easy right 😉