Nutanix : How to replace default Nutanix ERA certificate

13 December 2019 | Bilel Kammoun - Igor Zecevic | H-convergée, NTNX, Tools

For better security, TLS certificates are necessary to enable secure connections between a browser and your application. In this article, I will show you in fives steps how you change the default ERA certificate with custom certificate

Step 1: Snapshot ERA VM

Step 2: Transfer certificate files to Era VM on specific folder.

You need  a PEM bundle containing:

  • The private key without passphrase
  • The certificate itself
  • Intermediate certificates

Tips: Use openssl to remove passphrase from the private key with the below command: 

.\_bin\openssl.exe rsa -in prive-key.key -out new-prive-key.pem

Step 3: Connect to ERA VM with:

  • Login: era
  • Default Password: Nutanix.1

Step 4: Launch the era server CLI with $era-server command

Step 5: Run command security ssl add_custom certificate_file=PATH private_key=PATH ca_certificate=PATH to configure the certificate

If everything went according to plan, you should have the new certificate of your ERA portal. The process takes less than 2 minutes:

Step 6: Delete the snapshot 🙂 

In case you get some issue, let me know in the comments area and I will do my best to help!

Leave a Reply

Your email address will not be published. Required fields are marked *