Changing/Renewing your SSL certificates on vCloud Director Cells

I was working on my vCloud Director lab the other day when I noticed that my SSL certificates expired. I was actually using the same certificates that i generated back in the old beta days.

Although there is no way to renew this SSL certificates from the vCD GUI, the process is fairly easy using the command line. Here is the steps I’ve taken to renew the certs on my lab:

1) First thing you need to stop the vCD cell service. The command for that, using root account, is “service vmware-vcd stop”.

2) Next, you need to run the configuration script once again. The command is “/opt/vmware/cloud-director/bin/configure”

3) Once the script starts, it will ask you for the SSL certificate. You have to identify the name of the file and then enter the required passwords.

4) You accept the question asking you if you want to start the vCD service again and you are done.

The easiest way to check on you new certificate renewal is to fire up your web browser and go to the vCD portal. Once there, you should have the security warning asking you to accept the new cert. In my case this is how the new cert looked like:

It’s important to note here that you need to apply the same changes on all your cells if you are running a multi-cell vCD setup. You may have noticed also that this certificate changes will require a minor downtime, so you have to plan for that as well.

Share Button