This article describes how to import Proxy server certificates to SDDC manager trust store.
VMware Cloud Foundation 5.x
VMware Cloud Foundation 4.x
The following steps can be used to update the SDDC Manager trust store with the Proxy server certificate.
KEY=$(cat /etc/vmware/vcf/commonsvcs/trusted_certificates.key)
echo $KEY
Sample output
root@sddc01 [ /home/vcf ]# echo $KEY
iDxxxxxxxxxxxxxxx6_m
keytool -importcert -alias <aliasname> -file <certificate file> -keystore /etc/vmware/vcf/commonsvcs/trusted_certificates.store --storepass $KEY
Notes:
Type yes when prompted to trust the certificate
Enter something meaningful, like ProxyServer for the <aliasname> value.
Replace <certificate file> with the full path to the certificate file that was uploaded in Step 1
keytool -importcert -alias <aliasname> -file <certificate file> -keystore /etc/alternatives/jre/lib/security/cacerts --storepass changeit
The keystore file is changed from /usr/java/jre-vmware/lib/security/cacerts to /etc/alternatives/jre/lib/security/cacerts
/opt/vmware/vcf/operationsmanager/scripts/cli/sddcmanager_restart_services.sh
keytool -importcert -alias <aliasname> -file <certificate file> -keystore /etc/alternatives/jre/lib/security/cacerts --storepass changeit
/opt/vmware/vcf/operationsmanager/scripts/cli/sddcmanager_restart_services.sh
keytool -list -v -keystore /etc/vmware/vcf/commonsvcs/trusted_certificates.store -storepass $KEY