How to Replace VMware Aria Automation Certificates Using Aria Suite Lifecycle
Article ID: 409751
Updated On:
Products
Issue/Introduction
This article outlines the process for updating or replacing SSL certificates for VMware Aria Automation environments managed by VMware Aria Suite Lifecycle. This procedure is necessary in scenarios such as:
- An existing certificate is nearing its expiration date or has already expired.
- The organization's security policy mandates replacing self-signed certificates with trusted, CA-signed certificates.
- Changes in the environment (e.g., new load balancer VIP, FQDN changes) require a new certificate with updated Subject Alternative Names (SANs).
Environment
Aria Automation 8.18.1 and later
Resolution
For detailed information and the official Broadcom TechDocs guide on this process, please refer to:
Replace VMware Aria Automation certificates
Replace VMware Aria Automation certificates
Note:
This process of selecting "Generate CSR" requires you to have the CSR signed by an external CA before it can be imported back into locker and applied.
Additional Information
When using self-signed certificates that use Aria Suite Lifecyle Manager as the certificate authority (CA) for signing the certificates due to no external CA, please use the "Generate" option highlighted on the below Techdoc article. This option automatically signs the CSR when following the wizard, as this is the standard process for self-signed certificates.
Manage certificates for VMware Aria Suite Lifecycle products
https://techdocs.broadcom.com/us/en/vmware-cis/aria/aria-suite-lifecycle/8-18/vmware-aria-suite-lifecycle-installation-upgrade-and-management-8-18/configuring-vmware-aria-suite-lifecycle/manage-certificates.html
Feedback
