Add Certificate to vRealize Operation Manager tcServer Truststore

Why interesting this? We use VMware vRealize Operation Manager and vRealize Log Insight. This two products is integrated eachother. E.g.: when I select a VM in vROps than I select Log tab, vRLI will open in the same window, and shows me the logs wich is belong to the selected VM. In that case we won’t get cert. error message in vROps. So we can import or add vRLI cert into vROps certifiacet store.

vRealize Operation Manager handle only PEM format certificate. If you have cer file in DEM format you can convert it by OpenSSL.

Convert DER to PEM

openssl x509 -inform der -in certificate.cer -out certificate.pem

View PEM cert:

openssl x509 -in aaa_cert.pem -noout -text

Upload the file to vROps server e.g.: /tmp folder by WinSCP. Open Putty or your favorite SSH application and log in to vROps Nodes by root. Type the following command on console:

$VCOPS_BASE/jre/bin/keytool -import -alias <alias_name> -file /tmp/<cert.pem> -keystore “$VCOPS_DATA_VCOPS/user/conf/ssl/tcserver.truststore” -storepass <thisisstorepasskey> -trustcacerts

The <truststore_password> is generated by vROps and is located in /storage/vcops/user/
conf/ssl/storePass.properties. Copy the password from the ssltruststorePassword= field and paste it in the <truststore_password> placeholder.

Press enter, and say yes for question about trustid certifiaction.

Repeat the above steps on every vROps node. Don’t forget reboot the host after you ran the command successfully.

Import_cert_vRealize_Operation

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s