vCloud Automation Center uses SSL certificates for secure communication among IaaS components, the Identity Appliance, and instances of the vCloud Automation Center Appliance. The appliances and the Windows installation machines exchange these certificates to establish a trusted connection. You can obtain certificates from an internal or external certificate authority, or generate self-signed certificates during the deployment process for each component.

You can update or replace certificates after deployment. For example, you may choose to use self-signed certificates during deployment, but then obtain certificates from a trusted authority before going live with your vCloud Automation Center implementation.

Certificate Implementations

Component

Minimal Deployment (non production)

Distributed Deployment (production ready)

Virtual Appliances

Generate a self-signed certificate during appliance configuration.

For each appliance cluster, obtain a multi-use certificate, such as a Subject Alternative Name (SAN) certificate, from an internal or external certificate authority. Wildcard certificates are also supported.

IaaS Components

During installation, accept the generated self-signed certificates or select certificate suppression.

Obtain a multi-use certificate, such as a Subject Alternative Name (SAN) certificate, from an internal or external certificate authority that your Web client trusts. Install the same multi-use certificate on each IaaS installation machine.

Note

If you do not have sufficient permissions to install IIS domain certificates, your Web browser prompts you with security exceptions when you open vCloud Automation Center. Follow the instructions for your browser to permanently trust each self-signed certificate.