Specifications
Table Of Contents
- View Manager Administration Guide
- Contents
- About This Book
- Introduction
- Installation
- View Administrator
- Virtual Desktop Deployment
- Client Management
- Installing and Running View Client and View Portal
- Client Connections from the Internet
- Creating SSL Server Certificates
- Using Existing SSL Certificates
- Smart Card Authentication
- RSA SecurID Authentication
- View Client Command Line Options
- Virtual Printing
- Adobe Flash Bandwidth Reduction
- Client Computer Information
- Using PCoIP Display Protocol
- Using HP RGS Display Protocol
- View Composer
- Overview of View Composer
- Preparing vCenter Server for View Composer
- Preparing a Parent VM
- Deploying Linked Clone Desktops from View Manager
- Refreshing, Recomposing, and Rebalancing Linked Clone Desktops
- Using an Existing View Composer Database
- Using the SviConfig Tool for View Composer
- Offline Desktop
- Component Policies
- Unified Access
- Troubleshooting
- Appendix: The locked.properties File
- Glossary
- Index
View Manager Administration Guide
100 VMware, Inc.
Bydefault,inViewConnectionServerwhenaclientvisitsasecurepagesuchas
View Administratortheyarepresentedwiththeself‐signedcertificateprovidedwith
theapplication.Byreadingtheservercertificatetheusercandecideiftheserverisa
trustedsource,andthenaccept(orreject)theconnection.
ThecertificatecanbesignedbyaCertificateAuthority(CA)—atrustedthirdpartywho
guaranteestheidentityofthecertificateanditscreator.
TocreateyourowncertificateforViewConnectionServerdooneofthefollowing:
Createaself‐signedcertificateforyoursystemusingthekeytoolutilityprovided
withtheJavaRuntimeEnvironment(JRE)instancethataccompaniesView
ConnectionServer.Self‐signedcertificatesareusergeneratedcertificatesthathave
notbeenofficiallyregisteredwithanytrustedCA,andarethereforenot
guaranteedtobeauthentic.
Createacertificateandthensendacertificatesigningrequest(CSR)thatcontains
yourcertificatedetailstoaCA.Afterconductingsomechecksonthecompanyor
individualmakingtheapplication,theCAsignstherequestandencryptsitwith
theirprivatekey.Thevalidcertificateisreturnedandisthen
insertedintoa
keystoreonViewConnectionServer.
ClientsconnectingtoViewConnectionServerarepresentedwithyourcertificate.Ifthe
certificateisself‐signedbutacceptedbytheuser,orsignedbyaCAthatistrustedby
theclientbrowser,theclientusesthepublickeycontainedwithinthe
certificateto
encryptthedataitsendstoViewConnectionServer.Typically ,thecertificatefortheCA
itselfisembeddedinthebrowserorislocatedinatrusteddatabasethatisaccessibleby
theclient.
Afteracceptingthecertificate,theclientrespondsbysendingasecretkey,whichis
encrypted
withtheserver’spublickey.Thiskeyisusedtoencrypttrafficbetweenthe
clientandtheViewConnectionServerinstanceorsecurityserver.
Bydefault,ViewConnectionServerincludesaself‐signedSSLcertificatethatclients
canusetocreatesecuresessionswhentheyconnect.Thiscertificateisnot
trustedby
clientsanddoesnothavethecorrectnamefortheservice,butitdoesallowconnectivity.
N
OTEItisstronglyrecommendedthatyoucontinuetousethedefaultcertificate
providedwithViewConnectionServeruntilyouarereadytocreateyourown
certificateandgetitsignedbyaCA.
N
OTECertificatesareonlyrequiredforstandard,replica,orsecurityserversthat
receivedirectconnectionsfromtheirclients.Ifyouareusingasecurityserverasyour
client‐facingsystem,onlythisserverwillrequireacertificate.