1.2.0
Table Of Contents
- Lifecycle Manager Installation and Configuration Guide
- Contents
- About This Book
- Introducing LCM
- Installing and Configuring Orchestrator
- Orchestrator Components Setup Guidelines
- Install Orchestrator
- Configuring Orchestrator
- Check Configuration Readiness
- Log In to the Orchestrator Configuration Interface
- Change the Default Password
- Revert to the Default Password for Orchestrator Configuration
- Configure the Network Connection
- Change the Default Configuration Ports on the Orchestrator Client Side
- Import the vCenter SSL Certificate
- Configuring LDAP Settings
- Password Encryption and Hashing Mechanism
- Configure the Database Connection
- Server Certificate
- Configure the Default Plug-Ins
- Import the vCenter Server License
- Start the Orchestrator Server
- Export the Orchestrator Configuration
- Import the Orchestrator Configuration
- Configure the Maximum Number of Events and Runs
- Change the Web View SSL Certificate
- Define the Server Log Level
- Maintenance and Recovery
- Controlling Orchestrator Access
- Installing and Configuring LCM
- Installing LCM
- Configuring LCM
- Check Configuration Readiness
- Initial Configuration of Lifecycle Manager
- Configure the LCM Web View
- Set Approval Requirements
- Configure Archiving Settings
- Change Authorization Groups
- Change the Naming Convention for Virtual Machines
- Enable Email Notifications
- Configure Email Notification Content
- Configure Currency and Date Formats
- Upgrading Orchestrator and LCM
- Uninstall LCM and Orchestrator
- Index
Change the Web View SSL Certificate
Orchestrator provides an SSL certificate that controls user access to Web views, such as LCM. You can configure
Orchestrator to use a different SSL certificate to control access to Web views. For example, you can change the
LCM SSL certificate if your company security policy requires you to use their SSL certificates.
Procedure
1 Create an SSL certificate by running the keytool Java utility at the command prompt.
keytool -genkey -alias mySslCertificate -keyalg RSA
The keytool utility generates a file called .keystore by using the information and password that you
provide when you run the command.
2 Open the C:\Program Files\VMware\Orchestrator\app-server\server\vmo\deploy\jboss-deploy-tomcat
\jbossweb-tomcat55.sar\server.xml Orchestrator application server configuration file in an editor.
3 Find the following entry at line 44 in the server.xml file.
<!-- Define a SSL HTTP/1.1 Connector on port ${ch.dunes.https-server.port} -->
<Connector address="${jboss.bind.address}" protocol="HTTP/1.1" SSLEnabled="true"
clientAuth="false" emptySessionPath="true"
keystoreFile="${java.home}/lib/security/jssecacerts"
keystorePass="dunesdunes"
maxHttpHeaderSize="8192" maxThreads="100"
port="${ch.dunes.https-server.port}" scheme="https" secure="true"
sslProtocol="TLS" strategy="ms" />
4 Change the keystoreFile and keystorePass attributes to refer to the .keystore file and the password you
created when you ran the keytool utility.
keystoreFile="/PathToKeystore/.keystore"
keystorePass="NewKeystorePassword"
5 Save the server.xml file and restart the Orchestrator server.
You changed the SSL certificate that the Orchestrator server uses to control access to Web views.
Define the Server Log Level
In the Orchestrator configuration interface, you can set the level of server log that you require. Changing the
log level affects any new messages that the server writes to the server log.
Procedure
1 Log in to the Orchestrator configuration interface as vmware.
2 Click Log.
3 Select an option from the Log level drop-down menu.
Option Description
FATAL
Only fatal errors are written to the log file.
ERROR
Errors and fatal errors are written to the log file.
WARN
Warnings, errors, and fatal errors are written to the log file.
INFO
Information, warnings, errors, and fatal errors are written to the log file.
DEBUG
Debug information, information messages, warnings, errors, and fatal errors
are written to the log file.
Chapter 6 Configuring Orchestrator
VMware, Inc. 53