User`s guide
Table Of Contents
- VMware vCenter Configuration ManagerInstallation and Getting Started Guide
- About This Book
- Preparing for Installation
- Installation Manager
- Installation Configurations
- Tools Installation
- General Prerequisites to Install VCM
- Verify Hardware and Software Requirements
- Verify Administration Rights
- Set the Default Network Authority Account
- Specify the Collector Services Account
- Change the Collector Services Account Password in the Services Management Con...
- Change the Collector Services Account Password in the Component Services DCOM...
- Verify the VMware Application Services Account
- Determine the VCM Remote Virtual Directory
- Use Secure Communications Certificates
- Understand Server Authentication
- Verify the Foundation Checker System Checks
- Install UNIX Patch for HP-UX 11.11
- VCM Uses FIPS Cryptography
- Installing VCM
- Installing, Configuring, and Upgrading the OS Provisioning Server and Components
- Upgrading or Migrating VCM
- Upgrades
- Migrations
- Prerequisites to Migrate VCM
- Back Up Your Databases
- Back up Your Files
- Export and Back up Your Certificates
- Migrating VCM
- Migrate Only Your Database
- Replace Your Existing 32-Bit Environment with a Supported 64-bit Environment
- Migrate a 32-bit Environment Running VCM 5.3 or Earlier to VCM 5.4.1
- Migrate a 64-bit Environment Running VCM 5.3 or Earlier to VCM 5.4.1
- Migrate a Split Installation of VCM 5.3 or Earlier to a Single-Server Install...
- How to Recover Your Collector Machine if the Migration is not Successful
- Upgrading VCM and Components
- Maintaining VCM After Installation
- Getting Started with VCM Components and Tools
- Getting Started with VCM
- Discover, License, and Install Windows Machines
- Discover, License, and Install Windows Machines
- Verify Available Domains
- Check the Network Authority
- Assign Network Authority Accounts
- Discover Windows Machines
- License Windows Machines
- Disable User Account Control for VCM Agent Installation
- Install the VCM Windows Agent on Your Windows Machines
- Enable UAC After VCM Agent Installation
- Collect Windows Data
- Windows Collection Results
- Getting Started with Windows Custom Information
- Discover, License, and Install UNIX/Linux Machines
- Discover, License, and Install Mac OS X Machines
- Discover, Configure, and Collect Oracle Data from UNIX Machines
- Customize VCM for your Environment
- How to Set Up and Use VCM Auditing
- Discover, License, and Install Windows Machines
- Getting Started with VCM for Virtualization
- Getting Started with VCM Remote
- Getting Started with VCM Patching
- Getting Started with Operating System Provisioning
- Getting Started with Software Provisioning
- Using Package Studio to Create Software Packages and Publish to Repositories
- Software Repository for Windows
- Package Manager for Windows
- Software Provisioning Component Relationships
- Install the Software Provisioning Components
- Using Package Studio to Create Software Packages and Publish to Repositories
- Using VCM Software Provisioning for Windows
- Related Software Provisioning Actions
- Getting Started with VCM Management Extensions for Assets
- Getting Started with VCM Service Desk Integration
- Getting Started with VCM for Active Directory
- Installing and Getting Started with VCM Tools
- Index
Configure Stunnel on the OS Provisioning Server
Stunnel is used to establish secure communication between VCM and the OS Provisioning Server SOAP
services. On the OS Provisioning Server, copy the certificates to the locations specified in the
stunnel.conf file and configure Stunnel to ensure that the connection on the OS Provisioning Server is
operational.
Prerequisites
Review the VCM Stunnel certificate validation chain described in /opt/FastScale/etc/stunnel.conf.
Procedure
1. On the OS Provisioning Server, log in as root.
2. Place the VCM Stunnel certificate validation chain in /opt/FastScale/var/certs.
All of the files in this directory are owned by root and have permissions of -rw-r--r--.
The Stunnel configuration file on the OS Provisioning Server is located in
/opt/FastScale/etc/stunnel.conf.
; stunnel configuration file for server proxy
; Some performance tunings
socket = l:TCP_NODELAY=1
socket = r:TCP_NODELAY=1
; debug = 7
cert = /opt/FastScale/var/certs/service.pem
key = /opt/FastScale/var/certs/private/service.key
; Either CAfile or CAPath, but not both, should be defined
; CAfile = /opt/FastScale/var/certs/ca-cert.pem
; Certificate Authority directory
; This is the directory in which stunnel will look for certificates
when using the verify.
; Note that the certificates in this directory should be named
; XXXXXXXX.0 where XXXXXXXX is the hash value of the DER encoded
subject of the
; cert (the first 4 bytes of the MD5 hash in least significant byte
order).
; The hash can be obtained with the command: openssl x509 -noout -in
cert.pem -hash
CApath = /opt/FastScale/var/certs
client = no
foreground = no
output = /opt/FastScale/logs/stunnel.log
pid = /opt/FastScale/logs/stunnel.pid
[fsmesgds]
Installing, Configuring, and Upgrading the OS Provisioning Server and Components
VMware, Inc. 29