Managing Certificates in VMware Cloud Foundation

You can use the

SDDC Manager UI

to manage certificates in a

VMware Cloud Foundation

instance, including integrating a certificate authority, generating and submitting certificate signing requests (CSR) to a certificate authority, and downloading and installing certificates.

This section provides instructions for using either:

OpenSSL as a certificate authority, which is a native option in

SDDC Manager

Integrating with Microsoft Active Directory Certificate Services.

Providing signed certificates from another external Certificate Authority.

You can manage the certificates for the following components.

vCenter Server

NSX Manager

SDDC Manager

VxRail Manager

vRealize Suite Lifecycle Manager

Use

vRealize Suite Lifecycle Manager

to manage certificates for the other vRealize Suite components.

You replace certificates for the following reasons:

A certificate has expired or is nearing its expiration date.

A certificate has been revoked by the issuing certificate authority.

You do not want to use the default VMCA-signed certificates.

Optionally, when you create a new workload domain.

It is recommended that you replace all certificates after completing the deployment of the

VMware Cloud Foundation

management domain. After you create a new VI workload domain, you can replace certificates for the appropriate components as needed.

VCF on Dell VxRail Guide

View Certificate Information

Configure VMware Cloud Foundation to Use Microsoft CA-Signed Certificates

Configure VMware Cloud Foundation to Use OpenSSL CA-Signed Certificates

Install Third-Party CA-Signed Certificates Using Server Certificate and Certificate Authority Files

Install Third-Party CA-Signed Certificates in VMware Cloud Foundation Using a Certificate Bundle

Add a Trusted Certificate to the SDDC Manager Trust Store

Remove Old or Unused Certificates from SDDC Manager

Content feedback and comments

VMware Cloud Foundation 4.5

Managing Certificates in VMware Cloud Foundation