VMware Cloud Foundation 4.5

5.2 5.1 5.0 4.5
Deutsch Français Italiano 日本語 English

Install OpenSSL-signed Certificates using SDDC Manager

Replace the self-signed certificates with OpenSSL-signed certificates generated by SDDC Manager.
  1. In the navigation pane, click
    Inventory
    Workload Domains
    .
  2. On the
    Workload Domains
     page, from the table, in the domain column click the workload domain you want to view.
  3. On the domain summary page, click the
    Certificates
     tab.
  4. Generate CSR files for the target components.
    1. From the table, select the check box for the resource type for which you want to generate a CSR.
    2. Click
      Generate CSRs
      .
      The
      Generate CSRs
       wizard opens.
    3. On the
      Details
       dialog, configure the settings and click
      Next
      .
      Option
      Description
      Algorithm
      Select the key algorithm for the certificate.
      Key Size
      Select the key size (2048 bit, 3072 bit, or 4096 bit) from the drop-down menu.
      Email
      Optionally, enter a contact email address.
      Organizational Unit
      Use this field to differentiate between divisions within your organization with which this certificate is associated.
      Organization Name
      Type the name under which your company is known. The listed organization must be the legal registrant of the domain name in the certificate request.
      Locality
      Type the city or locality where your company is legally registered.
      State
      Type the full name (do not abbreviate) of the state, province, region, or territory where your company is legally registered.
      Country
      Type the country name where your company is legally registered. This value must use the ISO 3166 country code.
    4. (Optional) On the
      Subject Alternative Name
       dialog, enter the subject alternative name(s) and click
      Next
      .
      You can enter multiple values separated by comma (,), semicolon (;), or space ( ). For NSX-T, you can enter the subject alternative name for each node along with the Virtual IP (primary) node.
      Wildcard subject alternate name, such as *.example.com is not recommended.
    5. On the
      Summary
       dialog, click
      Generate CSRs
      .
  5. Generate signed certificates for each component.
    1. From the table, select the check box for the resource type for which you want to generate a signed certificate.
    2. Click
      Generate Signed Certificates
      .
    3. In the
      Generate Certificates
       dialog box, from the
      Select Certificate Authority
       drop-down menu, select
      OpenSSL
      .
    4. Click
      Generate Certificates
      .
  6. Install the generated signed certificates for each component.
    1. From the table, select the check box for the resource type for which you want to install a signed certificate.
    2. Click
      Install Certificates
      .

Content feedback and comments