As with change from Java KeyStore to certificate management directly from within the cell-management-tool with VMware Cloud Director 10.3 it is required to understand which certificate formate etc. you have to use.
I start this example of with a PFX file (incl. private key, password protected), something most people have at hand.
- Create a private key file out of your .pfx:
openssl pkcs12 -in 2022_STAR.demovcd.pfx -nocerts -out demovcd.key
- Create the PEM file out of your .pfx:
openssl pkcs12 -in 2022_STAR.demovcd.pfx -clcerts -nokeys -out demovcd.pem
- Move the files to the /tmp folder (or any other folder accessible by the vcloud user)
- Change ownership to vcloud:vcloud on the files:
chown vcloud:vcloud /tmp/demovcd.*
- Change the certificate with the cellmanagement tool on both http and proxy ports:
/opt/vmware/vcloud-director/bin/cell-management-tool certificates -j --cert /tmp/demovcd.pem --key /tmp/demovcd.key --key-password MyMegaSecretPassword
/opt/vmware/vcloud-director/bin/cell-management-tool certificates -p --cert /tmp/demovcd.pem --key /tmp/demovcd.key --key-password MyMegaSecretPassword
- Restart the vcd cell
service VMware-vcd restart
Do this on all the cells, that's it.