vRealize Log Insight self-signed SSL certificate is not replaced by a vRealize Suite Lifecycle Manager custom certificate
Article ID: 317106
Updated On:
Products
VMware Aria Suite
Issue/Introduction
Symptoms:
vRealize Log Insight self-signed SSL certificate is not replaced by a vRealize Suite Lifecycle Manager custom certificate.
vRealize Log Insight self-signed SSL certificate is not replaced by a vRealize Suite Lifecycle Manager custom certificate.
Environment
VMware vRealize Suite Lifecycle Manager 1.x
VMware vRealize Suite Lifecycle Manager 2.x
VMware vRealize Suite Lifecycle Manager 2.x
Cause
By default, vRealize Log Insight installs a self-signed SSL certificate on the virtual appliance. vRealize Suite Lifecycle Manager generates custom certificates for products during environment creation, but custom certificate generation fails for vRealize Log Insight. The default vRealize Log Insight self-signed certificate generates security warnings when you connect to the vRealize Log Insight web user interface. If you enabled Integrated Load Balancer, you must generate a new certificate using the ILB IP as common name and replace the certificatesor the vRealize Log Insight Agents configured to connect to the Log Insight server through SSL rejects the connection.
Resolution
This is a known issue affecting vRealize Suite Lifecycle Manager 1.0 and above versions.
Currently, there is no resolution.
Workaround:
To workaround this issue:
Currently, there is no resolution.
Workaround:
To workaround this issue:
- Generate or get a custom CA signed certificate. The generated certificate can be a wildcard, SAN, or Integrated Load Balancer IP certificate.
- Upload the generated certificate to vRealize Log Insight from the SSL configuration menu on the Administration tab.
Feedback
Yes
No
Powered by
