The system administrator can replace a self-signed certificate with another self-signed certificate or a certificate from a certificate authority after the installation is complete. Certificate updates are required when the certificate type changes or the certificate expires.

1

The system administrator can replace a self-signed certificate with one from a certificate authority to ensure security in a distributed deployment environment.

2

After certificates are updated on the IaaS servers, the system administrator updates the IaaS component registry to reestablish trusted communications between the virtual appliances and IaaS components. In a distributed environment, this process is repeated for each IaaS server where you updated certificates.