I think most people have had issues with replacing/updating certificates on the various virtual appliances that will be floating around their infrastructure, thankfully (and finally someone has done it!), there’s a fling created to help with this! Much kudos to the creators!
Replacing SSL certificates across VMware products is a manual and time-consuming process. The SDDC Certificate Tool automates this workflow and makes it easy to keep certificates across your SDDC up to date. It will replace all certificates in the supported products and reestablish trust between the components.
- VMware Platform Services Controller (PSC)
- VMware vCenter Server (VC)
- VMware NSX for vSphere (NSX)
- vRealize Log Insight (vRLI)
- vRealize Operations Manager (vROps)
- vRealize Automation (vRA)
- vRealize Business for Cloud (vRB)
SDDC Certificate Tool
I actually wrote some documentation on this for my team, when I encountered the issue. Then I lost it. Hence setting up a website to store everything I come across, on!
This issue came about myself after I upgraded the version of VROPS I had installed and I couldn’t for the life of me understand why the agent simply refused to connect. So after much messing around, I found the following vmware KB:
VMware vRealize Operations Manager for Horizon 6.2 Broker Agent fails to pair with the Horizon adapter (2140844)
Yep, they decided to leave out the necessary ports allowed through the firewall on the appliance. Thanks vmware!
If you aren’t comfortable using VI – which for the uninitiated, can be a nightmare, you can take a copy of the file (download it/FTP it off etc) and make the changes, then re-upload it.
Don’t forget the restart the firewall service – also when I rebooted the VROPs server once, it lost the settings, so rookie mistake or something more…sinister… Not sure, don’t care, just had to do this again! 😉