Dell VxRail: How to Manually Import vCenter SSL Certificate on VxRail Manager

A Python script is attached to this article in a .zip file (check the bottom of the article) to provide the importing process. Run this script AS ROOT on VxRail Manager, and use --help to obtain usage. Remove the script after use.
 

Follow these steps to replace certificates on VxRail Manager:

1. Download the python script cert_util_pkb.zip and upload it to VxRail Manager.
2. You must now use SSH log in to VxRail Manager and switch to ROOT user.
3. Extract script cert_util_pkb.zip:

# unzip cert_util_pkb.zip

4. Run the script:

# python cert_util.py

5. Wait for the VxRail plug-in UI to load. It may take up to 10 minutes for the UI to be read.

vxm:/home/mystic # python cert_util.py
Verify certificate against vCenter vcluster101-vcsa.vv003.local
Downloaded root CA certificate zip to /tmp/tmpw2w8j7_r
Downloaded root CA certificate zip from vcluster101-vcsa.vv003.local
Found certificates ['certs/lin/53f38aa6.0', 'certs/lin/53f38aa6.r0'] that can verify server certificate
Clean up existing certificates in /var/lib/vmware-marvin/trust/
 - Removing /var/lib/vmware-marvin/trust/lin/53f38aa6.r0
 - Removing /var/lib/vmware-marvin/trust/lin/53f38aa6.0
Clean up existing crl files in /var/lib/vmware-marvin/trust/crl/
Root CA certificate /tmp/certs/lin is saved at /var/lib/vmware-marvin/trust/.
Remove /tmp/certs directory.
Delete saved CRL info in cacheservice...
1
1
Restarting vmware-marvin service...
Restarting runjars service...

Sometimes it may be necessary to import all certificates, not only the ones with the higher numbers.

See this published video: