4.2.1
Table Of Contents
- Installing and Configuring VMware vCenter Orchestrator
- Contents
- Installing and Configuring VMware vCenter Orchestrator
- Updated Information
- Introduction to VMware vCenter Orchestrator
- Orchestrator System Requirements
- Orchestrator Components Setup
- Installing and Upgrading Orchestrator
- Download the vCenter Server Installer
- Install vCenter Server and Orchestrator
- Install Orchestrator Standalone
- Install the Orchestrator Client on a 32-Bit Machine
- Upgrade vCenter Server 4.1 and Orchestrator
- Upgrade Orchestrator 4.1.x Standalone
- Upgrading Orchestrator 4.0.x Running on a 64-Bit Machine
- Upgrading Orchestrator 4.0.x and Migrating the Configuration Data
- Uninstall Orchestrator
- Initial Configuration of the Orchestrator Server
- Start the Orchestrator Configuration Service
- Log In to the Orchestrator Configuration Interface
- Configure the Orchestrator Configuration Interface for Remote Connection
- Configure the Network Connection
- Orchestrator Network Ports
- Import the vCenter Server SSL Certificate
- Configuring LDAP Settings
- Configuring the Orchestrator Database Connection
- Server Certificate
- Configure the Default Plug-Ins
- Import the vCenter Server License
- Start the Orchestrator Server
- Further Configuration Options
- Revert to the Default Password for Orchestrator Configuration
- Change the Default Configuration Ports on the Orchestrator Client Side
- Uninstall a Plug-In
- Activate the Service Watchdog Utility
- Unwanted Server Restarts
- Export the Orchestrator Configuration
- Import the Orchestrator Configuration
- Configure the Maximum Number of Events and Runs
- Import the Plug-In Licenses
- Changing SSL Certificates
- Define the Server Log Level
- Filter the Orchestrator Log Files
- Enable Orchestrator for Remote Workflow Execution
- Where to Go From Here
- Index
Change the SSL Certificate for the Orchestrator Client
By default, the Orchestrator server uses the predefined SSL certificate while communicating remotely with the
Orchestrator client. You can change the SSL certificate for the Orchestrator client, for example if your company
security policy requires you to use its SSL certificates.
Prerequisites
Make sure that you have installed an SSL certificate signed by a CA.
Procedure
1 Open the following Orchestrator application server service file in a text editor.
Option Action
If you installed the standalone
version of Orchestrator
Go to
install_directory
\VMware\Orchestrator\app-
server\server\vmo\conf\jboss-service.xml.
If the vCenter Server installed
Orchestrator
Go to
install_directory
\VMware\Infrastructure\Orchestrator\app-
server\server\vmo\conf\jboss-service.xml.
2 Find the following entry at line 359 in the jboss-service.xml file.
<!-- The SSL domain setup -->
<mbean code="org.jboss.security.plugins.JaasSecurityDomain"
name="Security:name=JaasSecurityDomain,domain=dunes">
<constructor>
<arg type="java.lang.String" value="dunes"/>
</constructor>
<attribute name="KeyStoreURL">${java.home}/lib/security/jssecacerts</attribute>
<attribute name="KeyStorePass">dunesdunes</attribute>
</mbean>
3 Change the keystoreURL and keystorePass attributes to refer to the path to the .keystore file and the
password you created when you ran the keytool utility.
keystoreURL="/PathToKeystore/.keystore"
keystorePass="NewKeystorePassword"
The keystoreURL attribute is a URL and must contain slashes as directory separators.
4 Save the jboss-service.xml file and restart the Orchestrator server.
The Orchestrator client authenticates the Orchestrator server by using the SSL certificate you changed.
Define the Server Log Level
In the Orchestrator configuration interface, you can set the level of server log that you require. The default
server log level is INFO. Changing the log level affects any new messages that the server writes to the server
log and the number of active connections to the database.
CAUTION Only set the log level to DEBUG or ALL to debug a problem. Do not use this setting in a production
environment because it can seriously impair performance.
Procedure
1 Log in to the Orchestrator configuration interface as vmware.
2 Click Log.
Chapter 6 Further Configuration Options
VMware, Inc. 69