This KB article describes the procedure for generating the default TLS certificate (self-signed certificate) in a standalone configuration of Aria Automation Orchestrator 8.18.1.

Note:

• Starting with Automation Orchestrator 8.18, the Control Center service is deprecated and is removed in Automation Orchestrator 8.18.1 and later.
  
  
• In the case of Aria Automation Orchestrator instances managed by Aria Suite Lifecycle rather than a standalone configuration, the update must be performed from the Aria Suite Lifecycle side.

Aria Automation Orchestrator 8.18.1

Note: Before proceeding best practice dictates you first snapshot the Aria Automation Orchestrator appliance.

1. Connect to the Aria Automation Orchestrator Appliance via SSH and login as the root user.
   
   
2.  Run the following command to generate a TLS certificate: 
   
   vracli certificate ingress --generate auto --set stdin
   
   Example:
   
   # vracli certificate ingress --generate auto --set stdin
   Generating one-off certificate chain for ingress ...
   Certificate chain is valid according to internal policy.
   Updating configuration.
   Imported in certificates/ingress
   
   
3. Move to the /opt/scripts/ directory: 
   
   cd /opt/scripts/
   
   
4. Run the following command to apply the new TLS certificate:
   
   ./deploy.sh
   
   Note: Orchestrator services will be stopped and restarted; therefore,  Aria Automation Orchestrator will be unavailable during this process.
   
   Example:

   # ./deploy.sh
   + trap on_exit EXIT
   + export -f wait_deploy_health
   + log_stage 'Waiting for deploy healthcheck'
   + set +x

   <snip>

   Prelude has been deployed successfully

   To access, go to https://<Aria Automation Orchestrator FQDN>

スタンドアロン構成の Aria Automation Orchestrator 8.18.1 で TLS 証明書を生成する方法