VMware Smart Assurance NCM: How to create a Third Party Root Certificate for a remote Report Advisor Server?
search cancel

VMware Smart Assurance NCM: How to create a Third Party Root Certificate for a remote Report Advisor Server?


Article ID: 345306


Updated On:




While loading the RA login page, below page with website's security certificate is launched.

In viewing the Certificate, it would appear as below, which is the default certificate of Network Configuration Manager. 


VMware Smart Assurance - NCM


Follow the below steps to create Third party root certificate for a remote RA:

1. Log into the Report Advisor server with Admin or root privileges.
2. Execute: source /etc/voyence.conf 
3. Download the attached ssl-utility.pl script designed for Report Advisor. Place it under $VOYENCE_HOME/tools/ssl/ssl-utility.pl in RA server. If no $VOYENCE_HOME/tools/ssl/ directory exists, create one.
4. Use the following steps to generate a Private Key and Certificate Signing Request (CSR).
   Type the following command to change directories to [Product Directory]\tools\ssl, and then press Enter: (cd $VOYENCE_HOME\tools\ssl)
   Type the following command, and press Enter: perl ssl-utility.pl  keygen
   Follow the screen prompts. General security information about the location of the server, and the hostname; such as country, state, locality, and organization name would be asked to enter. Any field user do not want to complete can be left blank or enter a period (.) into that field.
The utility generates the following files:
 - server.key   the private key
 - server.csr   the certificate signing request (CSR)
5. Send the CSR file to your Certificate Authority (CA). The CA then returns the signed certificate.
6. Save this file to [Product Directory]\tools\ssl\.


Installing the private key and certificate

1. Log into the Application server as a user with admin or root privileges.
2. Execute: source /etc/voyence.conf
3. Change directories to $VOYENCE_HOME\tools\ssl, and then press Enter: cd $VOYENCE_HOME\tools\ssl
4. Type the following command and press Enter: perl ssl-utility.pl  install <private key file> <certificate file>
                     For example: perl ssl-utility.pl  install server.key certnew.cer
5. The installer prompts user to confirm whether to install the private key and certificate.
                     Type Y, and press Enter.
6. Partially through the certificate install, utility would prompt user to enter a password to protect the private key and Java keystore.
This password must be at least six characters. 
Enter a password, and press Enter.
** NOTE: This is different than the bundle.p12 certificate on installation that requires 8 characters and one of them special.**
7. Once the utility completes, the NCM Tomcat services are restarted, and a message displays indicating the SSL configuration is complete.
8. Clear the cache on the Web browser that was connected to the RA server previously and launch RA. 


ssl-utility.pl get_app