Replacing vCenter Operations Manager Certificate (vApp)

Refer to this post for openssl info, then follow the steps here:

  1. Generate a certificate signing request
    1. openssl req -out vcops.csr -new -newkey rsa:2048 -nodes -keyout vcops.key
      • Answer the wizard questions appropriately for your environment.
      • This creates your Certificate request and generates the associated private key.
  2. When you receive your signed cert from the CA if not already in pem format (with private key):
    1. Assuming CER or CRT we need to convert it to PKCS12 first.
      • openssl pkcs12 -export -in vcops.cer -inkey vcops.key -name vcops -passout pass:password -out vcops.pfx
  3. Convert to PEM w/ private key
    1. openssl pkcs12 -in vcops.pfx -out vcops.pem -nodes
      • It will prompt for password, if you used my example under step 2, then that would be password.
  4. Log into vcop's admin console (https://vcopsServername/admin), select the SSL tab, and upload your newly created pem file.
Additional Steps:
These steps were helpful in updating vCOPs registration info in vCenter w/ the 'certified' name.


Popular posts from this blog

NSX-T: vCenter and NSX-T Inventory out of Sync (Hosts in vSphere not showing up in NSX-T)

MacOS: AnyConnect VPN client was unable to successfully verify the IP forwarding table modifications.

Azure VMware Solution: NSX-T Active/Active T0 Edges...but