6.1
Table Of Contents
- Site Recovery Manager Installation and Configuration
- Contents
- About VMware Site Recovery Manager Installation and Configuration
- Updated Information
- Overview of VMware Site Recovery Manager
- Site Recovery Manager System Requirements
- Creating the Site Recovery Manager Database
- Site Recovery Manager Authentication
- Creating SSL/TLS Server Endpoint Certificates for Site Recovery Manager
- Installing Site Recovery Manager
- Site Recovery Manager and vCenter Server Deployment Models
- Site Recovery Manager in a Two-Site Topology with One vCenter Server Instance per Platform Services Controller
- Site Recovery Manager in a Two-Site Topology with Multiple vCenter Server Instances per Platform Services Controller
- Site Recovery Manager in a Single Site Topology with a Shared Platform Services Controller
- Prerequisites and Best Practices for Site Recovery Manager Server Installation
- Install Site Recovery Manager Server
- Connect the Site Recovery Manager Server Instances on the Protected and Recovery Sites
- Establish a Client Connection to the Remote Site Recovery Manager Server Instance
- Install the Site Recovery Manager License Key
- Site Recovery Manager Server Does Not Start
- Unregister an Incompatible Version of vSphere Replication
- Site Recovery Manager and vCenter Server Deployment Models
- Modifying and Uninstalling Site Recovery Manager
- Modify a Site Recovery Manager Server Installation
- Reconfigure the Connection Between Sites
- Break the Site Pairing and Connect to a New Remote Site
- Repair a Site Recovery Manager Server Installation
- Rename a Site Recovery Manager Site
- Uninstall Site Recovery Manager
- Uninstall and Reinstall the Same Version of Site Recovery Manager
- Upgrading Site Recovery Manager
- Information That Site Recovery Manager Upgrade Preserves
- Types of Upgrade that Site Recovery Manager Supports
- Upgrade Site Recovery Manager
- Order of Upgrading vSphere and Site Recovery Manager Components
- Prerequisites and Best Practices for Site Recovery Manager Upgrade
- In-Place Upgrade of Site Recovery Manager Server
- Upgrade Site Recovery Manager Server with Migration
- Configure and Verify the Upgraded Site Recovery Manager Installation
- Revert to a Previous Release of Site Recovery Manager
- Installing Site Recovery Manager to Use with a Shared Recovery Site
- Shared Recovery Sites and vCenter Server Deployment Models
- Limitations of Using Site Recovery Manager in Shared Recovery Site Configuration
- Site Recovery Manager Licenses in a Shared Recovery Site Configuration
- Install Site Recovery Manager In a Shared Recovery Site Configuration
- Use vSphere Replication in a Shared Recovery Site Configuration
- Install Site Recovery Manager Server on Multiple Protected Sites to Use with a Shared Recovery Site
- Install Multiple Site Recovery Manager Server Instances on a Shared Recovery Site
- Connect the Site Recovery Manager Sites in a Shared Recovery Site Configuration
- Use Array-Based Replication in a Shared Recovery Site Configuration
- Configure Placeholders and Mappings in a Shared Recovery Site Configuration
- Upgrade Site Recovery Manager in a Shared Recovery Site Configuration
- Index
Creating SSL/TLS Server Endpoint
Certificates for
Site Recovery Manager 5
The Site Recovery Manager server endpoint certificate establishes the identity of
Site Recovery Manager Server to clients. The endpoint certificate secures the communication between the
client and Site Recovery Manager Server.
During installation of Site Recovery Manager, there is an option for Site Recovery Manager to generate an
SSL/TLS certificate to use as the Site Recovery Manager endpoint certificate. This is the simpler option that
requires minimal user action.
You can also provide a custom SSL/TLS certificate that is signed by a certificate authority. If you use a
custom SSL/TLS certificate, the certificate must meet certain requirements to work with
Site Recovery Manager.
NOTE Unlike in 5.x releases, Site Recovery Manager 6.x does not also use custom SSL/TLS certificates to
authenticate with vCenter Server. For information about how Site Recovery Manager authenticates with
vCenter Server, see Chapter 4, “Site Recovery Manager Authentication,” on page 23.
Requirements When Using Custom SSL/TLS Certificates with
Site Recovery Manager
If you use custom SSL/TLS certificates for the Site Recovery Manager server endpoint certificate, the
certificates must meet specific criteria.
Site Recovery Manager 6.x uses standard PKCS#12 certificates. Site Recovery Manager places some
requirements on the contents of those certificates, but the requirements in this release are less strict than in
5.x releases of Site Recovery Manager.
n
Site Recovery Manager does not accept certificates with MD5 signature algorithms. Use SHA256 or
stronger signature algorithms.
n
Site Recovery Manager accepts certificates with SHA1 signature algorithms but these are not
recommended and result in a warning during installation. Use SHA256 or stronger signature
algorithms.
n
The Site Recovery Manager certifcate is not the root of a trust chain. You can use an intermediate CA
certificate which is not the root of a trust chain, but that is still a CA certificate.
n
If you use a custom certificate for vCenter Server and Platform Services Controller, you are not obliged
to use a custom certificate for Site Recovery Manager. The reverse is also true.
n
The private key in the PKCS #12 file must match the certificate. The minimum length of the private key
is 2048 bits.
n
The Site Recovery Manager certificate password must not exceed 31 characters.
n
The current time must be within the period of validity of the certificate.
VMware, Inc.
25