By default, Log Insight installs a self-signed SSL certificate on the virtual appliance.

The self-signed certificate generates security warnings when you connect to the Log Insight Web user interface. If you do not want to use a self-signed security certificate, you can install a custom SSL certificate. The use of a custom SSL certificate is optional and does not affect the features of Log Insight.

Note

The Log Insight Web user interface and the SSL syslog protocol use the same certificate for authentication.

Verify that your custom SSL certificate meets the following requirements.

The certificate file contains both a valid private key and a valid certificate chain.

The private key is generated by the RSA or the DSA algorithm.

The private key is not encrypted by a pass phrase.

If the certificate is signed by a chain of other certificates, all other certificates are included in the certificate file that you plan to import.

The private key and all the certificates that are included in the certificate file are PEM-encoded. Log Insight does not support DER-encoded certificates and private keys.

The private key and all the certificates that are included in the certificate file are in the PEM format. Log Insight does not support certificates in the PFX, PKCS12, PKCS7, or other formats.

Verify that you are logged in to the Log Insight Web user interface as an Admin user. The URL format is https://log-insight-host, where log-insight-host is the IP address or host name of the Log Insight virtual appliance.

If you use Internet Explorer 9, verify that you have Adobe Flash Player installed on your system.

1

Click the configuration drop-down menu icon and select Administration.

2

Under Configuration, click SSL Certificate.

3

Browse to your custom SSL certificate and click Open.

4

Click Save.

After Log Insight restarts, verify that syslog feeds from ESXi continue to arrive in Log Insight. For troubleshooting, see ESXi Logs Stop Arriving in Log Insight.