Pivotal Knowledge Base

Follow

How to Replace Self-Signed Certificate in Operations Manager

Environment

Pivotal Cloud Foundry® (PCF) versions from 1.6.x to 1.12.x and PCF 2.0.x

Purpose

Operations Manager uses self-signed certificate by default. This article discusses how to replace the default certificate with the certificate provided by the user.

Procedure

This procedure discusses how to replace Operations Manager default certificate with a user-provided certificate: 

  1. SSH into Operations Manager
  2. Ops Managerusesnginx. You need to check /etc/nginx/nginx.conf to checkwheressl certificate & key are located. By default they are located under /var/tempest/cert
    $ cat /etc/nginx/nginx.conf | grep ssl_cert
    ssl_certificate "/var/tempest/cert/tempest.crt”
    ssl_certificate_key "/var/tempest/cert/tempest.key”;
  3. Replace the certificate under /var/tempest/cert
  4. Restart tempest-web and nginx services
    $ sudo service tempest-web stop
    $ sudo service nginx stop
    $ sudo service nginx start
    $ sudo service tempest-web start

Comments

Powered by Zendesk