VCAP-CMA Deploy – Objective 8.1

Disclaimer: These are my notes from studying for the 3V0-31.18 exam. If something doesn’t make sense, please feel free to reach out.

The main goal for this objective is the security of vRealize Automation.

Objective 8.1 – Renew, and/or replace security certificates on distributed vRealize Automation components


This is about replacing the certificates on these components:

Other certificates that are in use manage themselves through self signed certificates to communicate. An external vRO must be done separately but if you’re using the embedded one it will update automatically.

All of these can be updated from the VAMI page of the vRA appliance. The different certificates can be managed from two pages:

Both of these pages provide different options to complete the certificate replacement.

When you update a certificate, trust is re-initiated with other components.

_**Side note – **_If you use certificate chains, specify the certificates in the following order:

If you offload SSL on your load balancer, you will need to SSH to the appliance to export the certificate to upload to your load balancer.

While updating the certificate, a list of recent actions and success/failure is show near the bottom of the page.

That’s all for this one, fairly straightforward. Although it’s always worth remembering that exam questions are going to be scenario based so you’ll be asked to achieve an objective that may well touch multiple parts of vRA.