Adding a TLS/SSL Certificate to the VMware Aria Operations Truststore
search cancel

Adding a TLS/SSL Certificate to the VMware Aria Operations Truststore

book

Article ID: 328177

calendar_today

Updated On:

Products

VCF Operations/Automation (formerly VMware Aria Suite)

Issue/Introduction

You can use a TLS certificate in certain adapter advanced configurations with an option to 'Verify' or 'No Verify'.  The difference is that in 'Verify', the adapter will verify if it is a legitimate certificate. 
If you need the extra security from this added layer of protection, it will be necessary to import the certificate into the VMware Aria Operations truststore.

Environment

Aria Operations 8. x

Resolution

  • Obtain the TLS certificate. You can obtain it from your internet browser or using openssl.  Export the certificate as an X.509 Certificate (PEM).

  • Copy the certificate to your VMware Aria Operations Collector where the adapter instance is running.

  • Use ‘ssh’ and log in to the VMware Aria Operations Collector as the root user, then run the following command, changing <product_alias> with a friendly name for the certificate and <certfile> with the location and filename of the certificate:

    $VCOPS_BASE/jre/bin/keytool -import -alias <product_alias> -file /tmp/<certfile> -keystore "$VCOPS_DATA_VCOPS/user/conf/ssl/tcserver.truststore" -storepass `grep ssltruststorePassword /storage/vcops/user/conf/ssl/storePass.properties | sed s/ssltruststorePassword=//` -trustcacerts

Powered by Wolken Software