5.1
Table Of Contents
- Installing and Configuring VMware vCenter Orchestrator
- Contents
- Installing and Configuring VMware vCenter Orchestrator
- Updated Information
- Introduction to VMware vCenter Orchestrator
- Orchestrator System Requirements
- Orchestrator Components Setup
- Installing and Upgrading Orchestrator
- Configuring the Orchestrator Server
- Start the Orchestrator Configuration Service
- Log In to the Orchestrator Configuration Interface
- Configure the Network Connection
- Orchestrator Network Ports
- Import the vCenter Server SSL Certificate
- Selecting the Authentication Type
- Configuring the Orchestrator Database Connection
- Server Certificate
- Configure the Default Plug-Ins
- Importing the vCenter Server License
- Start the Orchestrator Server
- Additional Configuration Options
- Change the Password of the Orchestrator Configuration Interface
- Change the Default Configuration Ports on the Orchestrator Client Side
- Uninstall a Plug-In
- Activate the Service Watchdog Utility
- Export the Orchestrator Configuration
- Import the Orchestrator Configuration
- Configure the Maximum Number of Events and Runs
- Import the Plug-In Licenses
- Orchestrator Log Files
- Configuration Use Cases and Troubleshooting
- Registering Orchestrator with vCenter Single Sign On in the vCenter Server Appliance
- Setting Up Orchestrator to Work with the vSphere Web Client
- Check Whether Orchestrator Is Successfully Registered as an Extension
- Unregister Orchestrator from vCenter Single Sign On
- Enable Orchestrator for Remote Workflow Execution
- Changing SSL Certificates
- Back Up the Orchestrator Configuration and Elements
- Unwanted Server Restarts
- Orchestrator Server Fails to Start
- Revert to the Default Password for Orchestrator Configuration
- Setting System Properties
- Disable Access to the Orchestrator Client By Nonadministrators
- Disable Access to Workflows from Web Service Clients
- Setting Server File System Access for Workflows and JavaScript
- Set JavaScript Access to Operating System Commands
- Set JavaScript Access to Java Classes
- Set Custom Timeout Property
- Modify the Number of Objects a Plug-In Search Obtains
- Modify the Number of Concurrent and Delayed Workflows
- Where to Go From Here
- Index
Export a Server Certificate
The server certificate private key is stored in the vmo_keystore table of the Orchestrator database. In case you
lose or delete this key, or if you bind the Orchestrator server to a different database, the contents of the exported
packages signed with this certificate become unavailable. To ensure that packages are decrypted on import,
you must save this key to a local file.
Prerequisites
You must have created or imported a server certificate.
Procedure
1 Log in to the Orchestrator configuration interface as vmware.
2 Click Server Certificate.
3 Click Export certificate database.
4 Type a password to encrypt the content of the exported keystore database.
You must enter this password again when importing the file.
5 Click Export.
6 Save the vmo-server.vmokeystore file when prompted.
Changing a Self-Signed Server Certificate
If you want to sign your packages with a server certificate different from the one you used for the initial
Orchestrator configuration, you must export all your packages and change the Orchestrator database.
This workflow describes the process to change the Orchestrator self-signed certificate.
1 Export all your packages by using the Orchestrator client.
a Select Administer from the drop-down menu in the left upper corner of the Orchestrator client.
b Click the Packages view.
c Right-click the package to export and select Export package.
d Browse to select a location to save the package to and click Save.
e Leave the View content, Add to package, and Edit contents options selected.
CAUTION Do not sign the package with your current certificate. You must not encrypt the package.
When you delete the certificate database, the private key is lost and the contents of the exported
package become unavailable.
f (Optional) Deselect the Export version history check box if you do not want to export the version
history.
g Click Save.
2 Create a new database and configure Orchestrator to work with it.
You configure the Orchestrator database connection by using the Orchestrator configuration interface. For
more information about setting up the Orchestrator database, see “Configure the Database
Connection,” on page 46.
3 (Optional) Export the Orchestrator configuration to back up your configuration data in case you want to
use the old database and the old SSL certificate.
Chapter 5 Configuring the Orchestrator Server
VMware, Inc. 51