VMware Certified Specialist - Cloud Foundation 2023 5V0-31.22 Question # 25 Topic 3 Discussion

A. Generate Certificate Signing Requests from SDDC Manager - In order to replace the self-signed certificates with third-party signed certificates, the Certificate Signing Requests (CSRs) need to be generated. This can be done from the SDDC Manager UI.

C. Create and package the certificates in a domain_name.tar.gz file - After the CSRs are generated, they can be used to obtain third-party signed certificates from a certificate authority. Once the certificates are obtained, they need to be packaged in a domain_name.tar.gz file and uploaded to SDDC Manager.

Generate Certificate Signing Requests (CSRs) from SDDC Manager for each component that requires a certificate1. You can do this from the SDDC Manager UI or using an API call1.

Have the CSRs signed by a third-party Certificate Authority of your choice1. You can use any external provider that meets your security policy requirements.

Create and package the certificates in a domain_name.tar.gz file according to the naming convention and folder structure specified by SDDC Manager1. You can use any compression tool that supports gzip format.

Upload and install the certificates using SDDC Manager UI or API1. You can also verify and troubleshoot the certificate installation using SDDC Manager.

https://docs.vmware.com/en/VMware-Cloud-Foundation/4.5/vcf-admin/GUID-80431626-B9CD-4F21-B681-A8F5024D2375.html