This article is purposed for someone who needs to replace their expired SSL Certificate in VRA environment. Actually there are two options to replace the certificate:
- You can directly replace the SSL Certificate using this VMWare KB
- You can upload via vRealize Suite Lifecycle Manager
In this article, I will explain the tutorial using the second options (via vRealize Suite LIfecycle manager).
Pre-requisites
- Make sure we already have the CSR that is already signed by the Certificate Authority
- Make sure the Certificate Authority already sends you the Private Key and the Intermediate Root CA certificate.
Certificate Preparation
- Assuming you already have below three files (Private Key, Root CA, Signed CSR). If you don’t have this file, please kindly ask from the Certificate Authority.
- Create new file with extension “.pem” . In this example, I named the file as VRA.pem.
- Open that VRA.pem and copy paste the content from above files (Private.key, Root_CA_Bundle.crt, and Your_Signed_Domain.crt) into VRA.pem. Please kindly make sure that you copy and paste sequentially like below picture:
- After that, save the VRA.pem file.
Upload the certificate into your vRealize Lifecycle Manager
- Log into your vRealize Lifecycle Manager using local user.
- Click Locker.
- Click Certificate.
- Click Import.
- Fill the Name, and Browse the certificate (VRA.pem). Leave the Private Key and Certificate Chain empty (this will automatically filled when you import that certificate.
- After that click Import
- If the upload process is completed with no error then you will be notified “Your certificate successfully added“.
Assigning the SSL Certificate or Replacing the SSL Certificate into VRA Environment
- Back to vRealize Lifecycle Manager home.
- Click Lifecycle Operations.
- Click Environment.
- Choose VRA environment.
- Click View Details
- Click the “. . . “ button.
- Click Replace Certificate.
- Choose the Certificate that you have import from above step then click next until the certificate is OK.
- After that, vRA services will be restarted and you have to wait a couple of minutes until it is available again.
- Wait until below Stages are all completed.
Now the newer certificate is successuflly imported into your vRA environment. If you have difficulties and other errors, please kindly comment below.