4.0
Table Of Contents
- vCenter Orchestrator Administration Guide
- Contents
- Updated Information
- About This Book
- Introduction to VMware vCenter Orchestrator
- The Orchestrator Client
- Managing Workflows
- Creating Resource Elements
- Using Plug-Ins
- Managing Actions
- Using Packages
- Setting System Properties
- Disable Access to the Orchestrator Client By Nonadministrators
- Disable Access to Workflows from Web Service Clients
- Setting Server File System Access from Workflows and JavaScript
- Set JavaScript Access to Operating System Commands
- Set JavaScript Access to Java Classes
- Set Custom Timeout Property
- Modify the Number of Objects a Plug-In Search Obtains
- Maintenance and Recovery
- Index
5 Save the password.properties file.
6 Restart the Orchestrator Configuration service.
You can log in to the Orchestrator configuration interface with the default credentials.
n
User name: vmware
n
Password: vmware
Change the Web View SSL Certificate
Orchestrator provides an SSL certificate that controls user access to Web views. You can configure Orchestrator
to use a different SSL certificate to control access to Web views. For example, if your company security policy
requires you to use their SSL certificates.
Procedure
1 Create an SSL certificate by running the keytool Java utility at the command prompt.
keytool -genkey -alias mySslCertificate -keyalg RSA
The keytool utility generates a file called .keystore by using the information and password that you
provide when you run the command.
2 Open the following Orchestrator application server configuration file in an editor.
Option Action
If you installed the standalone
version of Orchestrator
Go to
install_directory
\VMware\Orchestrator\app-
server\server\vmo\deploy\jboss-deploy-tomcat\jbossweb-
tomcat55.sar\server.xml.
If the vCenter Server installed
Orchestrator
Go to
install_directory
\VMware\Infrastructure\Orchestrator\app-
server\server\vmo\deploy\jboss-deploy-tomcat\jbossweb-
tomcat55.sar\server.xml.
3 Find the following entry at line 44 in the server.xml file.
<!-- Define a SSL HTTP/1.1 Connector on port ${ch.dunes.https-server.port} -->
<Connector address="${jboss.bind.address}" protocol="HTTP/1.1" SSLEnabled="true"
clientAuth="false" emptySessionPath="true"
keystoreFile="${java.home}/lib/security/jssecacerts"
keystorePass="dunesdunes"
maxHttpHeaderSize="8192" maxThreads="100"
port="${ch.dunes.https-server.port}" scheme="https" secure="true"
sslProtocol="TLS" strategy="ms" />
4 Change the keystoreFile and keystorePass attributes to refer to the .keystore file and the password you
created when you ran the keytool utility.
keystoreFile="/PathToKeystore/.keystore"
keystorePass="NewKeystorePassword"
5 Save the server.xml file and restart the Orchestrator server.
You changed the SSL certificate that the Orchestrator server uses to control access to Web views.
Chapter 9 Maintenance and Recovery
VMware, Inc. 73