thecloudxpert

Additional SSL Certificates for vRealize Automation 7.x (including vRealize Orchestrator)

SSL Certificates VMware vRealize Automation vRealize Orchestrator

Published on 5 November 2016 by Christopher Lewis. Words: 290. Reading Time: 2 mins.

Introduction

So when deploying vRealize Automation, I can be bit OCD when it comes to certificates and websites. Where possible/plausible, I like to make sure all of the sites in the deployment have trusted certificates especially if there is a root CA in play (after all they’re free certificates right?).

After deploying the VMware vRealize Automation 7.x appliance from the OVA (that’s the easy bit) and successfully (normally on the second/third attempt) running through the deployment wizard to deploy a Medium distributed environment. We end up with certificates for the following components:

  • VMware vRealize Automation Virtual Appliance Website / VIP
  • VMware vRealize Automation IaaS Web Server / VIP
  • VMware vRealize Automation Manager Service Server /VIP

Assuming you supply CA Trusted Certificates during the deployment wizard, there is normally no need to make any changes to these certificates unless they age out.

(Note: in a Reference Architecture Medium Distributed environment, the IaaS Web Server and Manager Service is on a single Server (or load balanced pair) and uses a single Subject Alternative Name (SAN) certificate covering both VIPs and the 2 host FQDNs)

However, when carrying on the post deployment configuration I was left with that familiar OCD feeling because there were some certificates that were still self-signed. Namely, these were:

  • VMware vRealize Appliance Virtual Appliance Management Infrastructure (VAMI)
  • VMware vRealize Orchestrator Configurator
  • VMware vRealize Orchestrator Package Signing Certificate

So, let’s scratch that OCD itch and tackle these one at a time in a series of posts to make it easier to read:

  1. Additional SSL Certificates for vRealize Automation7.x (including vRealize Orchestrator) (this post)
  2. Replacing the Appliance Management Site Certificate for vRealize Automation
  3. Replacing the Control Center Certificate on an embedded vRO instance
  4. Replacing the Package Signing Certificate in vRO 7

Published on 5 November 2016 by Christopher Lewis. Words: 290. Reading Time: 2 mins.


Blog Categories: Certificates vRealize Automation vRealize Orchestrator VMware
Related Post(s):
Recent Posts:
  • Creating Super Metrics for Counting Ascendent/Descendent Object Metrics in a List View
  • Creating a Custom Resource Action - Part 1: Getting Started & API Discovery
  • Operating a Private Cloud - Part 3: Creating a Pricing Card in VMware Aria Automation
  • Operating a Private Cloud - Part 2: Creating a Pricing Card in VMware Aria Operations
  • Operating a Private Cloud - Part 1: Understanding Pricing Cards in VMware Aria
    • Blog Categories:
    active directory 6 aria automation 9 aria automation orchestrator 1 aria operations 2 aws 2 blog 1 career 1 certificate authority 5 certificates 5 certification 91 cloud management 1 cloudnativecon 1 community 1 fun 1 general 9 hands on labs 1 home lab 2 kubecon 1 kubernetes 1 microsoft 7 nsx 45 nsx v 41 powercli 8 powershell 6 reviews 1 vcap 48 vcap6 2 vcenter 4 vcix 2 vexpert 9 vmug 5 vmware 99+ vmware aria 1 vmware aria automation 9 vmware aria automation orchestrator 1 vmware aria operations 4 vmware cloud 3 vmware cloud director 1 vmware explore 2 vmware identity manager 2 vmworld 36 vrealize automation 80 vrealize automation saltstack config 1 vrealize business 2 vrealize log insight 1 vrealize operations 1 vrealize operations manager 5 vrealize orchestrator 13 vrealize suite 14 vrealize suite lifecycle manager 20 vsan 5 vsphere 9 windows 6
    Top Tags:
    active directory 6 api 18 barcelona 24 certificates 11 certification 7 howto 33 microsoft 7 multi tenancy 9 nsx v 43 platform services controller 8 powercli 8 powershell 7 psc 6 vcap 9 vcap6 45 vcap6 cma 48 vcap6 nv 37 vcix6 nv 36 vexpert 19 vmug 8 vmware 99+ vmware aria 11 vmware aria automation 9 vmworld 35 vmworld 2016 13 vmworld 2017 9 vra 13 vrealize automation 74 vrealize operations 8 vrealize orchestrator 21 vrealize suite lifecycle manager 11 vrslcm 20 vsan 7 vsphere 12