Please note that making changes directly to the files referenced below introduces risks to the functionality of your implementation if there are any mistakes or misconfigurations. Moreover, there is no guarantee that these changes will be preserved upon the next system update, and they may need to be re-introduced at a future time.
In order to adjust the default certificate expiration, perform the following steps on each appliance that requires the change:
- Log in as root via SSH or the console.
- Navigate to the following location: /opt/vmware/h4/bin/
- Take a backup of the sysboot.py file and note the file permissions.
- Using the text editor of your choice, open the file and look for a section similar to the following:
...
def create_new_keystore():
    '''
    Creates a new public/private keypair, stored in a PKCS#12 container.
    '''
    log('Generating keystore %s' % keystore)
    cmd = [
        '/opt/jre/bin/keytool', '-genkey',
        '-keysize', '2048',
        '-keyalg', 'RSA',
        '-sigalg', 'SHA256withRSA',
        '-alias', alias,
        '-storetype', 'PKCS12',
        '-keystore', keystore,
        '-storepass', kspass,
        '-keypass', keypass,
        '-validity', '365',
        '-dname', 'CN=%s.vm, OU=Unknown, O=Unknown' % alias,
    ]
...
- Adjust the value of the '-validity' parameter to accommodate your business requirements.
Once these changes have been completed, they will take effect the next time the certificate is regenerated on the appliance.
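The backup and edit steps above can be scripted so that the change is refused when the file no longer matches the excerpt, for example after an update. The following is an added example, not VMware's code; the function names are hypothetical, and the demo runs on a constructed excerpt rather than the appliance file.

```shell
#!/bin/sh
# Added example (not vendor code). Function names are hypothetical.

# Print each keytool '-validity' value found in FILE, one per line.
current_validity() {
    sed -n "s/^[[:space:]]*'-validity',[[:space:]]*'\([0-9][0-9]*\)',.*/\1/p" "$1"
}

# set_validity FILE DAYS: back up FILE, then rewrite the single '-validity' value.
set_validity() {
    file=$1; days=$2
    case $days in
        ''|*[!0-9]*) echo "DAYS must be a whole number" >&2; return 2 ;;
    esac
    # A missing or repeated match means the file differs from the excerpt: stop.
    count=$(current_validity "$file" | wc -l | tr -d ' ')
    if [ "$count" -ne 1 ]; then
        echo "expected one '-validity' line in $file, found $count" >&2
        return 1
    fi
    backup="$file.bak.$(date +%Y%m%d%H%M%S)"
    cp -p "$file" "$backup" || return 1   # -p keeps mode, owner and timestamps
    tmp=$(mktemp) || return 1
    # Overwrite the contents in place so the original keeps its permissions.
    if sed "s/^\([[:space:]]*'-validity',[[:space:]]*'\)[0-9][0-9]*\(',.*\)/\1$days\2/" \
            "$file" > "$tmp" && cat "$tmp" > "$file"; then
        rc=0
    else
        rc=1
    fi
    rm -f "$tmp"
    [ "$rc" -eq 0 ] || return 1
    echo "backup: $backup"
}

# Run against a constructed excerpt in a temp directory, not the appliance file.
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' "cmd = [" "    '-keypass', keypass," \
        "    '-validity', '365'," "]" > "$d/sysboot.py"
    chmod 750 "$d/sysboot.py"
    set_validity "$d/sysboot.py" 730 && current_validity "$d/sysboot.py"
    rm -rf "$d"
}

if [ "${1:-}" = "demo" ]; then demo; fi
```

On an appliance, the function would be pointed at sysboot.py in /opt/vmware/h4/bin/ with the number of days you require.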