5.1
Table Of Contents
- Installing and Configuring VMware vCenter Orchestrator
- Contents
- Installing and Configuring VMware vCenter Orchestrator
- Updated Information
- Introduction to VMware vCenter Orchestrator
- Orchestrator System Requirements
- Orchestrator Components Setup
- Installing and Upgrading Orchestrator
- Configuring the Orchestrator Server
- Start the Orchestrator Configuration Service
- Log In to the Orchestrator Configuration Interface
- Configure the Network Connection
- Orchestrator Network Ports
- Import the vCenter Server SSL Certificate
- Selecting the Authentication Type
- Configuring the Orchestrator Database Connection
- Server Certificate
- Configure the Default Plug-Ins
- Importing the vCenter Server License
- Start the Orchestrator Server
- Additional Configuration Options
- Change the Password of the Orchestrator Configuration Interface
- Change the Default Configuration Ports on the Orchestrator Client Side
- Uninstall a Plug-In
- Activate the Service Watchdog Utility
- Export the Orchestrator Configuration
- Import the Orchestrator Configuration
- Configure the Maximum Number of Events and Runs
- Import the Plug-In Licenses
- Orchestrator Log Files
- Configuration Use Cases and Troubleshooting
- Registering Orchestrator with vCenter Single Sign On in the vCenter Server Appliance
- Setting Up Orchestrator to Work with the vSphere Web Client
- Check Whether Orchestrator Is Successfully Registered as an Extension
- Unregister Orchestrator from vCenter Single Sign On
- Enable Orchestrator for Remote Workflow Execution
- Changing SSL Certificates
- Back Up the Orchestrator Configuration and Elements
- Unwanted Server Restarts
- Orchestrator Server Fails to Start
- Revert to the Default Password for Orchestrator Configuration
- Setting System Properties
- Disable Access to the Orchestrator Client By Nonadministrators
- Disable Access to Workflows from Web Service Clients
- Setting Server File System Access for Workflows and JavaScript
- Set JavaScript Access to Operating System Commands
- Set JavaScript Access to Java Classes
- Set Custom Timeout Property
- Modify the Number of Objects a Plug-In Search Obtains
- Modify the Number of Concurrent and Delayed Workflows
- Where to Go From Here
- Index
You changed the SSL certificate that the Orchestrator server uses to control access to Web views.
Change the SSL Certificate of the Orchestrator Configuration Interface
You can configure the Orchestrator configuration server to use a different SSL certificate, for example if your
company security policy requires you to use their SSL certificates.
Prerequisites
Make sure that you have generated or installed an SSL certificate signed by a CA.
Procedure
1 Open the following Orchestrator application server configuration file in a text editor.
Option Action
If you installed the standalone
version of Orchestrator
Go to
install_directory
\VMware\Orchestrator\configuration\jetty\e
tc\jetty.xml.
If the vCenter Server installed
Orchestrator
Go to
install_directory
\VMware\Infrastructure\Orchestrator\config
uration\jetty\etc\jetty.xml.
2 In the jetty.xml file, find the following entry:
<Call name="addConnector">
<Arg>
<New class="org.mortbay.jetty.security.SslSocketConnector">
<Set name="Port">8283</Set>
<Set name="maxIdleTime">30000</Set>
<Set name="handshakeTimeout">2000</Set>
<Set name="keystore"><SystemProperty name="jetty.home"
default="." />/etc/jssecacerts</Set>
<Set name="password">dunesdunes</Set>
<Set name="keyPassword">dunesdunes</Set>
<Set name="truststore"><SystemProperty name="jetty.home"
default="." />/etc/jssecacerts</Set>
<Set name="trustPassword">dunesdunes</Set>
3 Change the keystore, truststore, password, keyPassword and trustPassword values to refer to your
<your_keystore_filename> file and password.
4 Save the jetty.xml file.
5 Restart the Orchestrator configuration server.
You successfully changed the SSL certificate for the Orchestrator configuration interface.
Change the SSL Certificate for the Orchestrator Client
By default, the Orchestrator server uses the predefined SSL certificate while communicating remotely with the
Orchestrator client. You can change the SSL certificate for the Orchestrator client, for example if your company
security policy requires you to use its SSL certificates.
Prerequisites
Make sure that you have generated or installed an SSL certificate signed by a CA.
Chapter 7 Configuration Use Cases and Troubleshooting
VMware, Inc. 77