5.5
Table Of Contents
- Installing and Configuring VMware vCenter Orchestrator
- Contents
- Installing and Configuring VMware vCenter Orchestrator
- Introduction to VMware vCenter Orchestrator
- Orchestrator System Requirements
- Hardware Requirements for Orchestrator
- Hardware Requirements for the Orchestrator Appliance
- Operating Systems Supported by Orchestrator
- Supported Directory Services
- Browsers Supported by Orchestrator
- Orchestrator Database Requirements
- Software Included in the Orchestrator Appliance
- Level of Internationalization Support
- Setting Up Orchestrator Components
- Installing and Upgrading Orchestrator
- Download the vCenter Server Installer
- Install Orchestrator Standalone
- Install the Orchestrator Client on a 32-Bit Machine
- Install the Client Integration Plug-In in the vSphere Web Client
- Download and Deploy the Orchestrator Appliance
- Upgrade Orchestrator 4.2.x and 5.1.x Standalone
- Upgrading Orchestrator 4.0.x Running on a 64-Bit Machine
- Upgrading Orchestrator 4.0.x and Migrating the Configuration Data
- Upgrading the Orchestrator Appliance
- Uninstall Orchestrator
- Configuring the Orchestrator Server
- Start the Orchestrator Configuration Service
- Log In to the Orchestrator Configuration Interface
- Configure the Network Connection
- Orchestrator Network Ports
- Import the vCenter Server SSL Certificate
- Selecting the Authentication Type
- Configuring the Orchestrator Database Connection
- Server Certificate
- Configure the Default Plug-Ins
- Importing the vCenter Server License
- Selecting the Orchestrator Server Mode
- Start the Orchestrator Server
- Configuring vCenter Orchestrator in the Orchestrator Appliance
- Configuring Orchestrator by Using the Configuration Plug-In and the REST API
- Configure Network Settings by Using the REST API
- Configuring Authentication Settings by Using the REST API
- Configure the Database Connection by Using the REST API
- Create a Self-Signed Server Certificate by Using the REST API
- Managing SSL Certificates Through the REST API
- Importing Licenses by Using the REST API
- Additional Configuration Options
- Change the Password of the Orchestrator Configuration Interface
- Change the Default Configuration Ports on the Orchestrator Client Side
- Uninstall a Plug-In
- Activate the Service Watchdog Utility
- Export the Orchestrator Configuration
- Import the Orchestrator Configuration
- Configure the Maximum Number of Events and Runs
- Import Licenses for a Plug-In
- Orchestrator Log Files
- Configuration Use Cases and Troubleshooting
- Configuring a Cluster of Orchestrator Server Instances
- Registering Orchestrator with vCenter Single Sign-On in the vCenter Server Appliance
- Setting Up Orchestrator to Work with the vSphere Web Client
- Check Whether Orchestrator Is Successfully Registered as an Extension
- Unregister Orchestrator from vCenter Single Sign-On
- Enable Orchestrator for Remote Workflow Execution
- Changing SSL Certificates
- Back Up the Orchestrator Configuration and Elements
- Unwanted Server Restarts
- Orchestrator Server Fails to Start
- Revert to the Default Password for Orchestrator Configuration
- Setting System Properties
- Disable Access to the Orchestrator Client By Nonadministrators
- Disable Access to Workflows from Web Service Clients
- Setting Server File System Access for Workflows and JavaScript
- Set JavaScript Access to Operating System Commands
- Set JavaScript Access to Java Classes
- Set Custom Timeout Property
- Modify the Number of Objects a Plug-In Search Obtains
- Modify the Number of Concurrent and Delayed Workflows
- Where to Go From Here
- Index
n
Back up the jssecacerts file, located at install_directory\app-server\conf\security\jssecacerts.
Procedure
1 Stop the Orchestrator server service.
a Select Start > Programs > Administrative Tools > Services.
b In the right pane, right-click VMware vCenter Orchestrator Server and select Stop.
2 On the Windows Start menu, right-click Command Prompt, and select Run as administrator.
3 Navigate to the keytool utility at the command prompt.
Option Action
If you installed the standalone
version of Orchestrator
Go to install_directory\VMware\Orchestrator\jre\bin\keytool.
If the vCenter Server installed
Orchestrator
Go to
install_directory\VMware\Infrastructure\Orchestrator\jre\bi
n\keytool.
4 Delete the current dunes key from the keystore.
keytool -delete-alias dunes -keystore "install_directory\app-
server\conf\security\jssecacerts"
5 Generate a new certificate for the dunes key, for example a 10-years certificate:
keytool -keystore "install_directory\app-server\conf\security\jssecacerts" -storepass
dunesdunes -genkey -keyalg RSA -alias dunes -validity 3650
You can adjust the validity of the certificate in days.
6 When prompted for your first and last name, enter the fully qualified domain name (FQDN) of your
Orchestrator server.
Make sure to enter the FQDN of the Orchestrator server. For example, if the FQDN of the Orchestrator
server is vco-55.lab, you need to type the following information:
What is your first and last name?
[Unknown]: vco-55.lab
7 For each of the remaining prompts such as Organizational Unit, Organization, City, State, Country
Code, and so on, type the appropriate information for your organization.
8 To confirm the change, type yes, and press Enter.
9 When prompted for the password for dunes, press Enter to use the same password as the keystore
password (dunesdunes).
10 Log in to the Orchestrator configuration interface as vmware and start the Orchestrator server service.
a In the Orchestrator configuration interface, click the Startup Options tab.
b Click Start service.
What to do next
You can create a signing request and submit the certificate to a Certificate Authority. You can then import
the signed certificate into your local keystore.
You can also replace the Web views SSL certificate, the SSL certificate for the Orchestrator configuration
interface, or the SSL certificate for the Orchestrator client with the certificate you generated.
Chapter 9 Configuration Use Cases and Troubleshooting
VMware, Inc. 101