Note: Before making any changes, it is highly recommended that you take the necessary backup/snapshots of the usage meter VM instances.
Usage meter certificate replacement is rather simple. Usage meter 4.2 Runs on Nginx and the Nginx configuration for the webserver is located here
Let’s take a look at the Nginx configuration for certificate and the key used:
[email protected] [ / ]# cat /opt/vmware/cloudusagemetering/conf/nginx.conf | grep crt ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt; [email protected] [ / ]# cat /opt/vmware/cloudusagemetering/conf/nginx.conf | grep key ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;
In order to replace the certificate, Either rename and replace the above-mentioned files with the new CA-signed certificate, key
create a directory and dump the new, signed certificate, key in there and make necessary corrections to the config file.
Do keep in mind that the permissions will need to be set accordingly. (chown and chgrp)
[email protected] [ /etc/ssl/certs ]# ls -ltrh nginx-selfsigned.crt -rw-r--r-- 1 root root 1.3K Jun 25 05:02 nginx-selfsigned.crt [email protected] [ /etc/ssl/private ]# ls -ltrh total 4.0K -rw------- 1 usagemeter usagemeter 1.7K Jun 25 05:02 nginx-selfsigned.key
Once done, restart the usage meter appliance.