5.1
Table Of Contents
- vCloud Director Installation and Upgrade Guide
- Contents
- VMware vCloud Director Installation and Upgrade Guide
- Overview of vCloud Director Installation, Configuration, and Upgrade
- vCloud Director Architecture
- Configuration Planning
- vCloud Director Hardware and Software Requirements
- Creating a vCloud Director Server Group
- Upgrading vCloud Director
- vCloud Director Setup
- Index
Table 3-3. Cell Management Tool Options and Arguments, certificates Subcommand (Continued)
Option Argument Description
--keystore (-s) keystore-pathname Full pathname to a JCEKS keystore
containing the signed certificates.
--keystore-pwd (-w) keystore-password Password for the JCEKS keystore
referenced by the --keystore
option.
Example: Replacing Certificates
You can omit the --config and --responses options unless those files were moved from their default
locations. In this example, a keystore at /tmp/new.ks has the password kspw. This example replaces the cell's
existing certificates with the certificates found in /tmp/new.ks
[root@cell1 /opt/vmware/vcloud–
director/bin]# ./cell-management-tool certificates -s /tmp/my-new-certs.ks -w kspw
Certificate replaced by user specified keystore at /tmp/new.ks.
You will need to restart the cell for changes to take effect.
NOTE You must restart the cell after you replace the certificates.
Commands for Generating Self-Signed SSL Certificates
Use the generate-certs command of the cell management tool to generate new self-signed SSL certificates
for the cell.
The generate-certs command of the cell management tool automates the procedure shown in “Create a
Self-Signed SSL Certificate,” on page 19.
To generate new self-signed SSL certificates and add them to a new or existing keystore, use a command line
with the following form:
cell-management-tool generate-certs
options
Table 3-4. Cell Management Tool Options and Arguments, generate-certs Subcommand
Option Argument Description
--help (-h) None Provides a summary of available
commands in this category.
-issuer (-i) name=value [,
name=value, ...]
X.509 distinguished name of the
certificate issuer. Defaults to
CN=Unknown. If you specify multiple
attribute and value pairs, separate
them with commas and enclose the
entire argument in quotation marks.
--out (-o) keystore-pathname Full pathname to the keystore on
this host.
--key-size (-s) key-size Size of key pair expressed as an
integer number of bits. Defaults to
1024.
--keystore-pwd (-w) keystore-password Password for the keystore on this
host.
--expiration (-x) days-until-expiration Number of days until the certificates
expire. Defaults to 365
Chapter 3 Upgrading vCloud Director
VMware, Inc. 41