Solved: How can I change the certificate for the VAMI on V...

brn2015 · ‎12-12-2016

Hi! I am currently using the VCSA 6.5. I was able to change the machine certificates to signed certificates using the certificate-manager tool set in the CLI.

I notice when I go to access the VMware Appliance Manager its still using a self-signed cert.

How can I change this cert as well? I cannot find instructions on how to change that particular cert, only the machine certs.

Thanks!

brn2015 · ‎12-14-2016

So I called support and basically after installing the machine certificate service-control --stop --all does not stop the vami-lighttp service. The VAMI certificate will be updated only after restarting the service. Restart the service manually made the VAMI service to pickup the new certificate chain.

Guess you have to restart. Looks like this is a bug targeted for fixing (with a new certificate manager) in u3.

View solution in original post

guruswapanvi · ‎12-12-2016

Hi,

Did you changed the Machine SSL certificate or Machine (Solution user) certificate?

Thanks!

brn2015 · ‎12-13-2016

I changed the Machine SSL certificate.

brn2015 · ‎12-14-2016

So I called support and basically after installing the machine certificate service-control --stop --all does not stop the vami-lighttp service. The VAMI certificate will be updated only after restarting the service. Restart the service manually made the VAMI service to pickup the new certificate chain.

Guess you have to restart. Looks like this is a bug targeted for fixing (with a new certificate manager) in u3.

MotisLtd · ‎07-03-2021

The service restart didn't work for me, but this procedure did:

https://kb.vmware.com/s/article/2136693

All

How can I change the certificate for the VAMI on VCSA 6.5?