After running the above batch you will have the rui_service.csr, rui_service.key and rui_service.crt files located in
Installation and configuration of the certificates for all the components:
To complete the installation and configuration of the certificates in the vCenter Server Appliance:
Note: Before proceeding, ensure that you back up the existing rui.crt, rui.key, and rui.pfx files. If you plan to skip the replacement of certificates for any of the components, such as vSphere Auto Deploy, you must restart the vCenter Server Appliance after the last certificate is replaced/services restarted.
Connect to the vCenter Server Appliance through SSH.
Stop the VMware VirtualCenter Server service and the vCenter Single Sign-On service using these commands:
service vmware-stsd stop
service vmware-vpxd stop
Create a directory using the mkdir command to store the files.
Using WinSCP from the system you created all of the SSL certificates on, copy the file from c:\certs\vCenterSSO to the /ssl/vpxd directory on the vCenter Server Appliance.
Rename rui_vpxd.crt to rui.crt by running the command:
cp /ssl/vpxd/rui_vpxd.crt ssl/vpxd/rui.crt
Rename rui_vpxd.key to rui.key by running the command:
cp /ssl/vpxd/rui_vpxd.key ssl/vpxd/rui.key
Using VI editor, remove any text before the first —–BEGIN CERTIFICATE—– and after —–END CERTIFICATE—–.
Using WinSCP from the system, you created all of the SSL certificates on, copy rui_inventoryservice.crt and rui_inventoryservice.key from c:\certs\InventoryService to the /ssl/inventoryservice directory on the vCenter Server Appliance.
Rename rui_inventoryservice.crt to rui.crt by running the command:
Note: As there is a plain-text password on the preceding command, to avoid the history file showing the contents of the password because it is in plain text in the command above, run the unset HISTFILE command prior to executing step 16.
Note: The default SSO administrator username for vCenter Single Sign-On 5.5 is administrator@vSphere.local.
After a successful registration, you see output similar to:
Unregister the VMware Log Browser service from vCenter Single Sign-On by running the commands:
Using WinSCP from the system you created all of the SSL certificates on, copy the rui_logbrowser.crt,rui_logbrowser.key from c:\certs\LogBrowser to the /ssl/logbrowser directory on the vCenter Server Appliance.
Rename rui_logbrowser.crt to rui.crt by running the command:
Copy rui.key, rui.crt, and rui.pfx files to the /usr/lib/vmware-logbrowser/conf directory:
cp rui.key /usr/lib/vmware-logbrowser/conf b. cp rui.crt /usr/lib/vmware-logbrowser/conf c. cp rui.pfx /usr/lib/vmware-logbrowser/conf
Change the permissions on the files by running these commands:
cd /usr/lib/vmware-logbrowser/conf b. chmod 400 rui.key rui.pfx c. chmod 644 rui.crt
Run these commands to re-register the VMware Log Browser service to vCenter Single Sign-On:
./09-vmware-logbrowser –mode install –ls-server https://server.domain.com:7444/lookupservice/sdk –user sso_administrator –password sso_administrator_password Note: The default SSO administrator username for vCenter Single Sign-On 5.5 is administrator@vSphere.local.
On a successful registration, you see output similar to:
When complete, restart the Log Browser service by running the commands:
service vmware-logbrowser stop
service vmware-logbrowser start
Using WinSCP from the system you created all of the SSL certificates on, copy the rui_autodeploy.crt and rui_autodeploy.key from c:\certs\AutoDeploy to the /ssl/autodeploy directory on the vCenter Server Appliance.
Copy the rui_autodeploy.crt and rui_autodeploy.key to the /etc/vmware-rbd/ssl/ directory: