VMware Cloud Foundation 4.5

5.2 5.1 5.0 4.5
Deutsch Français Italiano 日本語 English

Replace Certificates and Virtual IP for the Remaining Global Manager Nodes

Replace the default certificates on the remaining Global Manager nodes.
URLs for Replacing the Global Manager Node Certificates
NSX Manager Node
POST URL for Certificate Replacement
gm_node2_fqdn
https://
gm_node2_fqdn
/api/v1/node/services/http?action=apply_certificate&certificate_id=
gm_vip_fqdn
_certificate_ID
gm_node3_fqdn
https://
gm_node3_fqdn
/api/v1/node/services/http?action=apply_certificate&certificate_id=
gm_fqdn
_certificate_ID
gm_vip_fqdn
https://
gm_vip_fqdn
/api/v1/cluster/api-certificate?action=set_cluster_certificate&certificate_id=
gm_vip_fqdn
_certificate_ID
  1. In a web browser, log in to the active Global Manager at https://
    gm_vip_fqdn
    /.
  2. Log in to the host that has access to your data center.
  3. Replace the default certificate for the second Global Manager node with the CA-signed certificate by using the first Global Manager node as a source.
    1. Start the Postman application in your web browser and log in.
    2. On the
      Authorization
       tab, configure the following settings.
      Setting
      Value
      Type
      Selecr Basic Auth.
      User name
      Enter
      admin
      .
      Password
      Enter the
      nsx_admin_password
      .
    1. Click
      Update request
      .
    2. On the
      Headers
       tab, enter the header details.
      Setting
      Value to Select
      Key
      Content-Type
      Key Value
      application/xml
    3. In the request pane at the top, send the URL query.
      Setting
      Value
      HTTP request method
      Select POST.
      URL
      Enter
      https://
      gm_node2_fqdn
      /api/v1/node/services/http?action=apply_certificate&certificate_id=
      firstinstance_gm_vip_certificate_ID
      After the NSX Manager appliance responds, the Body tab displays a
      200 OK
       status.
  4. To upload the CA-signed certificate on the third Global Manager node, repeat steps 2 to step 4 with appropriate values.
  5. Restart the second and third Global Manager nodes.
    1. Log in to vCenter Server.
    2. In the inventory expand
      vCenter Server
      Datacenter
      Cluster
    3. Right-click the second and third Global Manager nodes and click
      Actions
      Power
      Restart guest OS
      .
  6. Verify the status of each Global Manager node.
    1. In a web browser, log in to the first Global Manager node at https://
      gm_node1_fqdn
      /.
    2. For each node, navigate to
      System
      Global Manager Appliances
      View Details
       and confirm that the status is
      REPO_SYNC = SUCCESS
      .
  7. Assign a certificate to the Global Manager cluster.
    1. Start the Postman application in your web browser and log in.
    2. On the
      Authorization
       tab, configure the following settings.
      Setting
      Value
      Type
      Select
      Basic Auth
      .
      User name
      Enter
      admin
      .
      Password
      Enter
      nsx_admin_password
      .
    3. Click
      Update request
      .
    4. On the Headers tab, add a key as follows.
      Setting
      Value
      Key
      Content-Type
      Key Value
      application/xml
    5. In the request pane at the top, send the URL query.
      Setting
      Value
      HTTP request method
      Select
      POST
      .
      URL
      Enter
      https://
      gm_vip_fqdn
      /api/v1/cluster/api-certificate?action=set_cluster_certificate&certificate_id=
      gm_vip_fqdn_certificate_ID
    After the NSX Global Manager sends a response, a
    200 OK
     status is displayed on the Body tab.

Content feedback and comments