You can generate a self-signed certificate for Windows or Linux by using the OpenSSL tool.

Download the appropriate installer for OpenSSL from https://www.openssl.org/community/binaries.html. Use the downloaded OpenSSL installer to install it on Windows.

Edit the openssl.cfg file to add additional required parameters. Make sure the [req] section has the req_extensions parameter defined.

[req]
        .
        .
        req_extensions=v3_req # 

Add an appropriate Subject Alternative Name entry for the hostname or IP address of your server, for example server-01.loginsight.domain. You cannot specify a pattern for the hostname.

[v3_req]
        .
        .
        subjectAltName=DNS:server-01.loginsight.domain
        #subjectAltName=IP:10.27.74.215
1

Create a folder to save your certificate files, for example C:\Certs\LogInsight.

2

Open a command prompt and run the following command.

C:\Certs\LogInsight>openssl req -x509 -nodes -newkey 2048 -keyout server.key -out server.crt -days 3650

OpenSSL prompts you to supply certificate properties, including country, organization, and so on.

3

Enter the exact IP address or hostname of your vRealize Log Insight server, or the vRealize Log Insight cluster address if load balancing is enabled.

This property is the only one for which it is mandatory to specify a value.

Two files are created, key.pm and cert.pm.

key.pm is the PEM encoded private key.

cert.pm is the self-signed certificate, which is signed by key.pm.

Concatenate the certificate files. See Concatenate Certificate Files.

Upload the signed certificate. See Upload Signed Certificate.