4.0
Table Of Contents
- vCenter Orchestrator Installation and Configuration Guide
- Contents
- Updated Information
- About This Book
- Introduction to VMware vCenter Orchestrator
- Orchestrator System Requirements
- Orchestrator Components Setup Guidelines
- Installing Orchestrator
- Upgrade Orchestrator with vCenter Server
- Upgrade Orchestrator Standalone
- Upgrading Orchestrator Applications After Upgrading vCenter Server
- Uninstall Orchestrator
- Configuring Orchestrator
- Start the Orchestrator Configuration Service
- Log In to the Orchestrator Configuration Interface
- Change the Default Password
- Revert to the Default Password for Orchestrator Configuration
- Configure the Network Connection
- Change the Default Configuration Ports on the Orchestrator Client Side
- Import the vCenter SSL Certificate
- Configuring LDAP Settings
- Password Encryption and Hashing Mechanism
- Configure the Database Connection
- Server Certificate
- Configure the Default Plug-Ins
- Access Rights to Orchestrator Server
- Import the vCenter Server License
- Start the Orchestrator Server
- Export the Orchestrator Configuration
- Import the Orchestrator Configuration
- Configure the Maximum Number of Events and Runs
- Install an Application
- Start a Published Web View
- Change the Web View SSL Certificate
- Define the Server Log Level
- Where to Go From Here
- Index
Change the Web View SSL Certificate
Orchestrator provides an SSL certificate that controls user access to Web views. You can configure Orchestrator
to use a different SSL certificate to control access to Web views. For example, if your company security policy
requires you to use their SSL certificates.
Procedure
1 Create an SSL certificate by running the keytool Java utility at the command prompt.
keytool -genkey -alias mySslCertificate -keyalg RSA
The keytool utility generates a file called .keystore by using the information and password that you
provide when you run the command.
2 Open the following Orchestrator application server configuration file in an editor.
Option Action
If you installed the standalone
version of Orchestrator
Go to
install_directory
\VMware\Orchestrator\app-
server\server\vmo\deploy\jboss-deploy-tomcat\jbossweb-
tomcat55.sar\server.xml.
If the vCenter Server installed
Orchestrator
Go to
install_directory
\VMware\Infrastructure\Orchestrator\app-
server\server\vmo\deploy\jboss-deploy-tomcat\jbossweb-
tomcat55.sar\server.xml.
3 Find the following entry at line 44 in the server.xml file.
<!-- Define a SSL HTTP/1.1 Connector on port ${ch.dunes.https-server.port} -->
<Connector address="${jboss.bind.address}" protocol="HTTP/1.1" SSLEnabled="true"
clientAuth="false" emptySessionPath="true"
keystoreFile="${java.home}/lib/security/jssecacerts"
keystorePass="dunesdunes"
maxHttpHeaderSize="8192" maxThreads="100"
port="${ch.dunes.https-server.port}" scheme="https" secure="true"
sslProtocol="TLS" strategy="ms" />
4 Change the keystoreFile and keystorePass attributes to refer to the .keystore file and the password you
created when you ran the keytool utility.
keystoreFile="/PathToKeystore/.keystore"
keystorePass="NewKeystorePassword"
5 Save the server.xml file and restart the Orchestrator server.
You changed the SSL certificate that the Orchestrator server uses to control access to Web views.
Define the Server Log Level
In the Orchestrator configuration interface, you can set the level of server log that you require. The default
server log level is INFO. Changing the log level affects any new messages that the server writes to the server
log and the number of active connections to the database.
CAUTION Only set the log level to DEBUG or ALL to debug a problem. Do not use this setting in a production
environment because it can seriously impair performance.
vCenter Orchestrator Installation and Configuration Guide
60 VMware, Inc.