2.5

Table Of Contents

ACE Management Server Administrator’s Manual

56 VMware, Inc.

2Ifyourcertificatesrequireacertificatechaintobeverified,createacertificatechain

fileforeachcertificate.

Thecertificatechainfileisatextfilethatcontainseverycertificate(inPEMformat)

neededtoverifytheleafcertificate(includingtherootcertificateofthechain).

a Downloadtheverificationchainfromyour

certificateauthority.

b EachcertificatemustbeinPEMformatbeforeyoucreatethecertificatechain

file.

ToconverttoPEMformat,usetheopenSSLtoolsavailableonline.

c CreatethecertificatechainfilebyconcatenatingeachPEM‐encodedcertificate

intoonefile.

 Ifbothofyourcertificatesareself‐signed,yourcertificatechainfilemust

beafilethatcontainsbothcertificatesconcatenated.

 Ifyoureceivedyourcertificatesfromthesamecertificateauthority,the

chainfilemustcontainonlytheverificationchainforthesecertificates,

andthechainsmustbethesame.

 Ifthecertificatescomefromdifferentcertificateauthorities,thechainfile

mustcontainbothcertificateverificationchains.

Forexample,ifyouareusingtwoACEManagementServerinstancesyouhave

twocertificatechainfiles.

3Joinallofthecertificatechainfilesintoonefile.

Ifyoucan,eliminatetheduplicateentries.

4Convert

theserver’sSSLcertificatestoPEMformat.

5Addtheserver’sSSLcertificatesinPEMformattothecertificatechainfile.

6OntheCustomSSLCertificatestab,uploadtheSSLcertificatefile,theSSLkeyfile,

andthecertificatechainfile:

aSpecifythekeyfileintheServerPrivateKeyfield.

bSpecifythecertificate

fileintheServerPublicCertificatefield.

cClickUploadcertificates.

dClickApplyandclickRestart.

CompletethisstepforeveryACEManagementServ erinyourfarmtouploadfiles

toeachACEManagementServer.