Please follow the instructions below to save certificates from vCenter Windows/Appliance & import into SRM appliance.
1. Right click on Download trusted root CA certificates & Save Link as..
3. You may be required to use Windows or Linux certificates depending on the host OS you are importing it to. For SRM appliance, we will be using linux certificates.
For Enhanced Link Mode vCenter
Using WinSCP copy the "lin" certificate folder to /home/admin/ directory in the SRM appliance.
a.Login to SRM appliance as root and list the contents of /home/admin/
root@srmpr [ /home/admin ]# ls
lin
b.Change directory to lin
root@srmpr [ /home/admin ]# cd lin
c.Copy all the files in folder ''lin" to /etc/ssl/certs/ directory by running the command cp *.* /etc/ssl/certs/ and follow the steps from 4.
For Standalone vCenter (Not in linked mode)
Using WinSCP copy the contents of both vCenters "lin" folder into the folder created as common under /home/admin directory in the SRM appliance.
a. Login to SRM appliance as root and list the contents of /home/admin/
root@srmpr [ /home/admin ]# ls
common
b.Change directory to common
root@srmpr [ /home/admin ]# cd common
c.Copy all the files in folder ''common" to /etc/ssl/certs/ directory by running the command cp *.* /etc/ssl/certs/ and follow the steps from 4.
4. To modify the certificates' permissions, run the following command - chmod a+r /etc/ssl/certs/*
5. Run - c_rehash
NOTE: c_rehash command does not exist in SRM 8.8 and higher versions. Please run '/usr/bin/rehash_ca_certificates.sh'
6. Reboot the appliance
7. Reconfigure the appliance
8. Reconnect site pair.
Workaround:
c_rehash scans directories and calculates a hash value of each .pem, .crt, .cer, or .crl file in the specified directory list and creates symbolic links for each file, where the name of the link is the hash value.