4.0
Table Of Contents
- vCenter Orchestrator Installation and Configuration Guide
- Contents
- Updated Information
- About This Book
- Introduction to VMware vCenter Orchestrator
- Orchestrator System Requirements
- Orchestrator Components Setup Guidelines
- Installing Orchestrator
- Upgrade Orchestrator with vCenter Server
- Upgrade Orchestrator Standalone
- Upgrading Orchestrator Applications After Upgrading vCenter Server
- Uninstall Orchestrator
- Configuring Orchestrator
- Start the Orchestrator Configuration Service
- Log In to the Orchestrator Configuration Interface
- Change the Default Password
- Revert to the Default Password for Orchestrator Configuration
- Configure the Network Connection
- Change the Default Configuration Ports on the Orchestrator Client Side
- Import the vCenter SSL Certificate
- Configuring LDAP Settings
- Password Encryption and Hashing Mechanism
- Configure the Database Connection
- Server Certificate
- Configure the Default Plug-Ins
- Access Rights to Orchestrator Server
- Import the vCenter Server License
- Start the Orchestrator Server
- Export the Orchestrator Configuration
- Import the Orchestrator Configuration
- Configure the Maximum Number of Events and Runs
- Install an Application
- Start a Published Web View
- Change the Web View SSL Certificate
- Define the Server Log Level
- Where to Go From Here
- Index
Orchestrator uses the server certificate to
n
Sign all packages before they are exported by attaching your certificate’s public key to each one.
n
Display a user prompt on importing a package that contains elements signed by untrusted certificates.
What to do next
You can import this certificate on other servers.
Export a Server Certificate
The server certificate private key is stored in the vmo_keystore table of the Orchestrator database. In case you
lose or delete this key, or if you bind the Orchestrator server to a different database, the content of the exported
packages signed with this certificate will become unavailable. To ensure that packages are decrypted on import,
you must save this key to a local file.
Prerequisites
You must have created or imported a server certificate.
Procedure
1 Log in to the Orchestrator configuration interface as vmware.
2 Click Server Certificate.
3 Click Export certificate database.
4 Enter a password to encrypt the content of the exported keystore database.
You must enter this password again when importing the file.
5 Click Export.
6 Save the vmo-server.vmokeystore file when prompted.
Change a Self-Signed Server Certificate
If you want to sign your packages with a server certificate different from the one you used for the initial
Orchestrator configuration, you need to export all your packages and reinstall the Orchestrator server.
Procedure
1 Export all your packages.
a Click the Packages view in the Orchestrator client.
b Right-click the package to export and select Export package.
c Browse to select a location in which to save the package and click Open.
d Leave the View content, Re-Packageable, and Edit element options selected.
CAUTION Do not sign the package with your current certificate. You must not encrypt the package.
When you delete the certificate database, the private key will be lost and the content of the exported
package will become unavailable.
e (Optional) Deselect the Export version history check box if you do not want to export the version
history.
f Click Save.
2 (Optional) Export the Orchestrator configuration.
3 Uninstall the Orchestrator server.
Chapter 9 Configuring Orchestrator
VMware, Inc. 49