This article provides steps to replace self-signed certificates with custom certificates in VCF Operations for Networks

Note: VCF Operations for Networks was formerly known as vRealize Operations for Networks (vRNI) and Aria Operations for Networks (AON).

1. Create the certificate chain file using the vrni_cert.cer, ca_root_cert.cer and ca_inter_cert.cer (if present) files by running the following command on the VCF Operations for Networks platform appliance as the support user:
   
cat /home/support/certs/vrni_cert.cer /home/support/certs/ca_inter_cert.cer /home/support/certs/ca_root_cert.cer > vrni_cert_chain.cer
   
   
2. If there is a custom certificate already installed, remove it by running the following command on the VCF Operations for Networks platform appliance as the consoleuser user:
   
   custom-cert-remove
   
   
3. Import the CA-signed certificate and private key files, by running the following command as the consoleuser user; ensure to enter the password when prompted:
   
   custom-cert copy --host localhost --user support --port 22 --path /home/support/certs/vrni_cert_chain.cer
custom-cert copy --host localhost --user support --port 22 --path /home/support/certs/vrni_key.key
   
   
4. Ensure the certificates  have been imported by running the following command as the consoleuser user:
   
   custom-cert list
   
   Note: Output should look like the following:
   
   (cli) custom-cert list
vrni_cert_chain.cer
vrni_key.key
   
   
5. If the above output is correct, apply the certificates by running the following command:
   
   custom-cert apply