Pivotal Knowledge Base

Follow

How to replace self signed certificate in Ops Manager?

Environment

Product Version
Pivotal Cloud Foundry® (PCF) 1.6.x to 1.7.x

Purpose

Ops Manager uses self-signed certificate by default. This article discusses how to replace the default certificate with the certificate provided by the user.

Procedure

This procedure discusses how to replace Ops Manager default certificate with a user provided certificate: 

  1. ssh into Ops Manager
  2. Ops Managerusesnginx. You need to check /etc/nginx/nginx.conf to checkwheressl certificate & key are located. By default they are located under /var/tempest/cert
    $ cat /etc/nginx/nginx.conf | grep ssl_cert
    ssl_certificate "/var/tempest/cert/tempest.crt”
    ssl_certificate_key "/var/tempest/cert/tempest.key”;
  3. Replace the certificate under /var/tempest/cert
  4. Restart tempest-web service
    $ sudo service tempest-web stop
    $ sudo service tempest-web start

Comments

Powered by Zendesk