Topic Name : Install Upgrades to vRealize Suite Lifecycle Manager from an ISO File
Publication Name : vRealize Suite Lifecycle Manager 1.3 Installation, Upgrade, and Management
Product/Version : vRealize Suite/2017
Question :
How is it that we are three releases into a product and there is not an obvious way, or apparent documentation, to provide a CA signed SSL certificate for the LCM appliance? this should be available as part of the OVF deploy so it is set from the beginning or it should be available in the Settings page - See LogInsight for one of the best VMW product SSL install options. At the very least, the method for doing this SHOULD be documented in the "Configuring vRealize Suite Lifecycle Manager Common Settings" section of the official online docs.
Update and resolution:
This behavior is being caused by the presence of the following file (apparently new in version 1.3):
/etc/init.d/vlcm-certgen <-- each time the appliance boots, a cert is generated, overwriting any custom certs that had been placed in /opt/vmware/vlcm/cert
So quick resolution is:
Thanks to the quick responses from the team on the solution shown above.
Anyone else reading this, please note that a bug has been filed and assigned !
Agree, Burke-
The extra annoying bit here is that in a previous version, I had found this:
Replace Certificate on the vRealize Suite Lifecycle Manager Appliance -- which worked.. however, with LCM 1.3, this no longer appears to be the case. It will work initially (after restarting the service as noted in that page), but upon appliance reboot, the CA signed certificate is lost , giving me the ever so ugly "Not secure" address bar in Chrome.
In this day and age, PKI certs should not be a v2 feature--they should be there from day one. This isn't an outlandish "feature" to have any longer.
Update and resolution:
This behavior is being caused by the presence of the following file (apparently new in version 1.3):
/etc/init.d/vlcm-certgen <-- each time the appliance boots, a cert is generated, overwriting any custom certs that had been placed in /opt/vmware/vlcm/cert
So quick resolution is:
Thanks to the quick responses from the team on the solution shown above.
Anyone else reading this, please note that a bug has been filed and assigned !