2.5

Table Of Contents

ACE Management Server Administrator’s Manual

44 VMware, Inc.

4Replaceplaceholders<...>withthePostgreSQLdatabaseserverDNSnameor

IP addressandthedatabasenameofthisserver.

5Usethedefaultportnumberorsetadifferentportnumber.

6 Savethefile.

Afteryoucompletethistask,postgres_dsnappearsinthedrop‐downmenuonthe

DatabasetabintheACE

ManagementServerSetupapplication.

Prepare Custom Security Certificates

TousecustomSSLcertificates,eitheryourownself‐signedcertificatesorthoseofa

third‐partyorinternalCA(certificateauthority),youmustprovidethecertificate,key,

and(inthecaseofCAs)certificatechainfiles.ThesefilesmustbePEMencoded.

Afteryoucreateorobtainthesefiles,upload

themtoACE ManagementServerbyusing

theCustomSSLCertificatestabintheACEManagementServerSetupapplication.

FormoreinformationabouthowVMwareACEusesSSLcertificates,see“UsingSSL

CertificatesandProtocol”onpage 21.

To prepare custom security certificates

1 Createorprovidetheneededfiles:

 Foryourownself‐signedcertificate,usetheopensslutilitytocreateanew

self‐signedcertificate.

 Forathird‐partyCAorinternalCA,obtainanSSLcertificatesignedbythat

CA,andacertificate‐verificationchainfile.

Thechainfileisaconcatenationofeverycertificaterequiredtoverifythenew

SSLcertificateyoucreatedorobtained.Stepsforobtainingthecertificatechain

vary,dependingon

whichhostoperatingsystemyouareusingandonthe

sourcefromwhichtheCAcertificateisobtained.

 Aprivate‐keyfile.SSLencryptsdatathroughtheuseofapublic‐keyand

private‐keypair.Thepublickeyisknowntoeveryoneandtheprivatekeyis

knownonlytothemessagerecipient.

ThecertificatesignaturesmustusetheSHA1algorithmdigest.Thefilesmustbe

PEM‐encoded.