Manage certificates
A single instance of ONTAP tools for VMware vSphere can manage multiple vCenter Server instances. ONTAP tools for VMware vSphere is deployed with a self-signed certificate for VASA Provider. With this, only one vCenter Server instance can be managed for vVols datastores. When you're managing multiple vCenter Server instances and you want to enable vVols capability on multiple vCenter Server instances, you need to change the self-signed certificate to custom CA certificate using ONTAP tools Manager interface. You can use the same interface to renew or refresh all certificates.
A different load balancer IP address mapped to different domains is not supported when you upgrade self-signed to custom CA. |
Steps
-
Launch ONTAP tools Manager from a web browser:
https://loadBalanceIP:8443/virtualization/ui/
-
Log in with the ONTAP tools for VMware vSphere administrator credentials you provided during deployment.
-
Select Certificates > VASA provider > Renew option to renew the certificates.
The system will be offline till the certificate is renewed. -
To upgrade the self-signed certificate to custom CA certificate, select Certificates > VASA provider > Upgrade to CA option.
-
In the Upgrade certificate to custom CA pop-up, upload the server certificate, server certificate private key, root CA certificate, and intermediate certificate files. The tool tip provides description of the certificates.
-
Enter the domain name for which you generated this certificate.
-
Click Upgrade.
The system will be offline till the upgrade is complete.
-