Hi everyone! I have a question about using custom certificates for vRealize Suite products. I'm planning to deploy an HA architecture (so 3 instances for vRA, 3 for vRO, 3 for vRLI and so on), and I want to use custom certificates for them, the question is: I have to use SAN certificates? Could you please link me some documentation I can read about? I'm planning to use vRealize Lifecycle Manager 8.2 for installing products.
thanks for your help
Hi @sposs ,
Yes, you need to have SAN certificates.
Subject Alternative Name (SAN) Certificate Requirements
You must create two Workspace ONE Access certificates, one that applies on the cluster appliances and one that applies on the load balancer. In addition, create a certificate that applies to the vRealize Automation appliances, the tenants you are creating, excluding the default tenant, and the load balancer.
Note: vRealize Automation 8.x supports wildcard certificates only for DNS names that match the specifications in the Public Suffix list at https://publicsuffix.org. For example, *.myorg.com is a valid name while *.myorg.local is invalid.
You can read full documentation here https://docs.vmware.com/en/vRealize-Automation/8.2/administering-vrealize-automation.pdf (Managing certificate and DNS configuration under clustered vRealize Automation deployments)