Log Insight 8 – Creating and installing Self Sign Certificate with VRLCM8

By default, vRealize Log Insight installs a self-signed SSL certificate on the virtual appliance. The self-signed certificate generates security warnings when you connect to the vRealize Log Insight web user interface. If you do not want to use a self-signed security certificate, you can install a custom SSL certificate

vRealize Log Insight uses SSL certificates for the following purposes:

  • HTTPS connections to the vRealize Log Insight UI
  • SSL-encrypted Syslog and API connections
  • Ingestion API authentication

Generate a Certificate Signing Request

You can manage Certificates with LCM Locker . Here user can,

  • Generate new certificate.
  • Import an existing certificate.
  • Generate a CSR (Certificate Sign Request).

Name – SSL/TLS certificate is must be associated with one or more host names. Selecting the correct names is very important, because the certificate will be valid only if the request matches the host name (or host names) associated with the SSL certificate.

Common Name (AKA CN) represents the server name protected by the SSL certificate. The certificate is valid only if the request hostname matches the certificate common name. Most web browsers display a warning message when connecting to an address that does not match the common name in the certificate.

How to Determine Your CSR Common Name Format

Organization Name (O): The legal name of your company/organization (i.e. Google, Inc.). Do not abbreviate your company name and it should include the corporate identifier such as Inc., Corp, or LLC (if applicable). For DV orders, you can use your personal name (i.e. John Doe).

Choose the VRLI Cluster and then the option for Replace Certificate.

A pop-up will appear for replacing the product certificate

The Current Certificate page provides the certificate details that is currently applied in the product – please press next.

Select the new certificate from the drop down that needs to be applied in the Product

Click the RUN PRECHECK button to run the precheck for the certificate against the selected product. The precheck will be mostly the hostname verification between the entries in the certificate and the product components.

  • Click FINISH button to submit the request.
  • The progress of the request can be monitored in the request page.

Leave a Reply

Your email address will not be published. Required fields are marked *