4.2.1
Table Of Contents
- Installing and Configuring VMware vCenter Orchestrator
- Contents
- Installing and Configuring VMware vCenter Orchestrator
- Updated Information
- Introduction to VMware vCenter Orchestrator
- Orchestrator System Requirements
- Orchestrator Components Setup
- Installing and Upgrading Orchestrator
- Download the vCenter Server Installer
- Install vCenter Server and Orchestrator
- Install Orchestrator Standalone
- Install the Orchestrator Client on a 32-Bit Machine
- Upgrade vCenter Server 4.1 and Orchestrator
- Upgrade Orchestrator 4.1.x Standalone
- Upgrading Orchestrator 4.0.x Running on a 64-Bit Machine
- Upgrading Orchestrator 4.0.x and Migrating the Configuration Data
- Uninstall Orchestrator
- Initial Configuration of the Orchestrator Server
- Start the Orchestrator Configuration Service
- Log In to the Orchestrator Configuration Interface
- Configure the Orchestrator Configuration Interface for Remote Connection
- Configure the Network Connection
- Orchestrator Network Ports
- Import the vCenter Server SSL Certificate
- Configuring LDAP Settings
- Configuring the Orchestrator Database Connection
- Server Certificate
- Configure the Default Plug-Ins
- Import the vCenter Server License
- Start the Orchestrator Server
- Further Configuration Options
- Revert to the Default Password for Orchestrator Configuration
- Change the Default Configuration Ports on the Orchestrator Client Side
- Uninstall a Plug-In
- Activate the Service Watchdog Utility
- Unwanted Server Restarts
- Export the Orchestrator Configuration
- Import the Orchestrator Configuration
- Configure the Maximum Number of Events and Runs
- Import the Plug-In Licenses
- Changing SSL Certificates
- Define the Server Log Level
- Filter the Orchestrator Log Files
- Enable Orchestrator for Remote Workflow Execution
- Where to Go From Here
- Index
n
Obtain a Server Certificate Signed by a Certificate Authority on page 51
To provide recipients with an acceptable level of trust that the package was created by your server,
certificates are typically signed by a certificate authority (CA). Certificate authorities guarantee that you
are who you claim to be, and as a token of their verification, they sign your certificate with their own.
n
Import a Server Certificate on page 52
You can import a server certificate and use it with Orchestrator.
n
Export a Server Certificate on page 52
The server certificate private key is stored in the vmo_keystore table of the Orchestrator database. In case
you lose or delete this key, or if you bind the Orchestrator server to a different database, the contents of
the exported packages signed with this certificate become unavailable. To ensure that packages are
decrypted on import, you must save this key to a local file.
n
Changing a Self-Signed Server Certificate on page 53
If you want to sign your packages with a server certificate different from the one you used for the initial
Orchestrator configuration, you must export all your packages and change the Orchestrator database.
Create a Self-Signed Server Certificate
Installing Orchestrator or deploying the Orchestrator requires that you create a certificate. You can create a
self-signed certificate to guarantee encrypted communication and a signature for your packages. However,
the recipient cannot be sure that the self-signed package that you are sending is in fact a package issued by
your server and not a third party claiming to be you.
Procedure
1 Log in to the Orchestrator configuration interface as vmware.
2 Click Server Certificate.
3 Click Create certificate database and self-signed server certificate.
4 Type the relevant information.
5 From the drop-down menu, select a country.
6 Click Create.
Orchestrator generates a server certificate that is unique to your environment. The details about the certificate's
public key appear in the Server Certificate window. The certificate's private key is stored in the
vmo_keystore table of the Orchestrator database.
What to do next
For disaster recovery purposes, you can save the certificate private key to a local file.
Obtain a Server Certificate Signed by a Certificate Authority
To provide recipients with an acceptable level of trust that the package was created by your server, certificates
are typically signed by a certificate authority (CA). Certificate authorities guarantee that you are who you claim
to be, and as a token of their verification, they sign your certificate with their own.
Procedure
1 Log in to the Orchestrator configuration interface as vmware.
2 Click Server Certificate.
Chapter 5 Initial Configuration of the Orchestrator Server
VMware, Inc. 51