2.6
Table Of Contents
- ACE Management Server Administrator’s Manual
- Contents
- About This Book
- Introduction
- Planning an ACE Management Server Deployment
- Installing and Configuring ACE Management Server
- Configuration Options for ACE Management Server
- Prerequisites for Configuring the Server
- Starting ACE Management Server Configuration
- Viewing and Changing Licensing Information
- Using an External Database
- Creating Access Control
- Uploading Custom SSL Certificates
- Logging Events
- Applying Configuration Settings
- Load-Balancing Multiple ACE Management Server Instances
- Typical Setup Using Load-Balanced ACE Management Server Instances
- Install the Required Services for Load Balancing
- Use the Same SSL Certificate on All Servers
- Create New SSL Certificates and Keys for Each Server
- Installing and Configuring the Load Balancer
- Verify That ACE Instances Are Using the Load Balancer
- Managing ACE Instances
- Viewing ACE Instances That the Server Manages
- Search for an Instance
- Sort by Column Heading and Change Column Width
- Show, Hide, and Move Columns in the Instance View
- Create or Delete Custom Columns in the Instance View
- View Instance Details
- Reactivate, Deactivate, or Delete an ACE Instance
- Change a Copy Protection ID
- Reset the Authentication Password
- Add Information for Custom Columns
- Troubleshooting and Maintenance
- Appendix: Database Schema and Audit Event Log Data
- Glossary
- Index
VMware, Inc. 43
Chapter 5 Load-Balancing Multiple ACE Management Server Instances
3Joinallofthecertificatechainfilesintoonefile.
Ifyoucan,eliminatetheduplicateentries.
4Converttheserver’sSSLcertificatestoPEMformat.
5Addtheserver’sSSLcertificatesinPEMformattothecertificatechainfile.
6OntheCustomSSLCertificatestab,uploadtheSSLcertificatefile,theSSLkeyfile,andthecertificate
chainfile:
aSpecifythekeyfileintheServerPrivateKeyfield.
bSpecifythecertificatefileintheServerPublicCertificatefield.
cClickUploadcertificates.
dClickApplyandclickRestart.
CompletethisstepforeveryACEManagementServerinyourfarmtouploadfilestoeachACE
Management
Server.
Installing and Configuring the Load Balancer
ACEManagementServerusesHTTPStocommunicatewithitsclients.Youcanuseanyloadbalancing
solutionthatsupportsHTTPSwithACEManagementServer.
Installtheloadbalancerandconfigureport443(HTTPoverSSL)forloadbalancing.Do notconfigure
port 8080or8000forloadbalancing.Thesetwoportsareused
forconfiguration.Port 8080isthevirtual
applianceconfigurationportand8000istheACEManagementServerconfigurationport.
Verify That ACE Instances Are Using the Load Balancer
AfteryouconfiguremultipleACEManagementServerinstancestoworkwithaloadbalancerandinstallthe
necessarySSLcertificates,performverification.VerifythatACEinstancescanconnecttoACEManagement
Serverinstancesbyusingtheaddressoftheload‐balancer.
Beforeyoubegin,restartWorkstationsothatWorkstationcandownload
theSSLcertificatewhenaconnection
totheACEManagementServerisestablished.
To verify that ACE instances are using the load balancer
1 CreateanACE‐enabledvirtualmachine.
2Openthepolicyeditor.
3 SelectPolicyUpdateFrequency.
4 SelectDisableOfflineUsageandclickOK.
5RemovethefirstACEManagementServerfromtheloadbalancingconfigurationsothatalltrafficgoesto
thesecondACEManagementServer.
6PreviewtheACEinstance.
ThispreviewcreatesaninstanceontheACEManagementServer.
7ClosetheACEPlayer.
8RemovethesecondACEManagementServerfromtheload‐balancingconfigurationandaddthefirst
ACEManagementServerbacktotheconfiguration.
AlltrafficgoestothefirstACEManagement
Server.
9PreviewthesameACEinstanceagain,andwhenpromptedwhethertoreinstantiateorreusetheinstance,
selectUseExistingInstance.
Iftheinstancestartssuccessfully,bothserversareusingthesameSSLcertificate.