For my testing lab, I get tired of replacing the SSL self signed cert every 4 months, this should make it last for 9999 days, or 27 years. It also assumes you installed Java jre version 1.6.0_29 . Obviously you may need to modify this to fit your environment, using a self signed cert is bad for security, plus as I’m doing below using the same cert for both http and consoleproxy is also bad for security. And using a password of password isn’t something I do even in my lab.
Step 1: Create New Certs
./usr/java/jre1.6.0_29/bin/keytool –keystore /opt/vmware/certificates.ks -storetype JCEKS -storepass password -validity 9999 -genkey -keyalg RSA -alias http
./usr/java/jre1.6.0_29/bin/keytool -keystore /opt/vmware/certificates.ks -storetype JCEKS -storepass password -validity 9999 -genkey -keyalg RSA -alias consoleproxy
Step 2: Stop vCloud Service
service vmware-vcd stop
Step 3: Go through configure wizard to replace certificates
Step 4: Service should restart at end of the configure command, so there really is no step 4 other than to bring up your vCloud web page and examine the certificate to see your new extended certificate.