Installation guide
Table Of Contents
- VMware View Installation Guide
- Contents
- About This Book
- System Requirements for Server Components
- System Requirements for Client Components
- Supported Operating Systems for View Agent
- Supported Operating Systems for View Client and View Client with Local Mode
- Hardware Requirements for Local Mode Desktops
- Client Browser Requirements for View Portal
- Remote Display Protocol and Software Support
- Adobe Flash Requirements
- Smart Card Authentication Requirements
- Preparing Active Directory
- Configuring Domains and Trust Relationships
- Creating an OU for View Desktops
- Creating OUs and Groups for Kiosk Mode Client Accounts
- Creating Groups for View Users
- Creating a User Account for vCenter Server
- Create a User Account for View Composer
- Configure the Restricted Groups Policy
- Using View Group Policy Administrative Template Files
- Prepare Active Directory for Smart Card Authentication
- Installing View Composer
- Installing View Connection Server
- Installing the View Connection Server Software
- Installation Prerequisites for View Connection Server
- Install View Connection Server with a New Configuration
- Install a Replicated Instance of View Connection Server
- Configure a Security Server Pairing Password
- Install a Security Server
- Microsoft Windows Installer Command-Line Options
- Uninstalling View Products Silently by Using MSI Command-Line Options
- Configuring User Accounts for vCenter Server and View Composer
- Where to Use the vCenter Server User and Domain User for View Composer
- Configure a vCenter Server User for View Manager, View Composer, and Local Mode
- View Manager Privileges Required for the vCenter Server User
- View Composer Privileges Required for the vCenter Server User
- Local Mode Privileges Required for the vCenter Server User
- Configuring View Connection Server for the First Time
- Configuring View Client Connections
- Sizing Windows Server Settings to Support Your Deployment
- Installing the View Connection Server Software
- Installing View Transfer Server
- Configuring Certificate Authentication
- Replacing the Default Certificate
- Add keytool and openssl to the System Path
- Export an Existing Microsoft IIS SSL Server Certificate
- Creating a New SSL Certificate
- Configure a View Connection Server Instance or Security Server to Use a New Certificate
- Configure a View Transfer Server Instance to Use a New Certificate
- Configure SSL for Client Connections
- Configure SSL for View Transfer Server Communications
- Using Group Policy to Configure Certificate Checking in View Client
- Creating an Event Database
- Installing and Starting View Client
- Install the Windows-Based View Client or View Client with Local Mode
- Start the Windows-Based View Client or View Client with Local Mode
- Install View Client by Using View Portal
- Install View Client on Mac OS X
- Start View Client on Mac OS X
- Set Printing Preferences for the Virtual Printer Feature
- Using USB Printers
- Installing View Client Silently
- Index
Procedure
1 Open a command prompt and use keytool to generate a keystore file.
For example: keytool -genkey -keyalg "RSA" -keystore keys.p12 -storetype pkcs12 -validity 360
2 When keytool prompts you for your first and last name, type the fully qualified domain name (FQDN)
that client computers use to connect to the host.
Option Action
View Connection Server instance
Type the FQDN of the View Connection Server host if you have one View
Connection Server instance. Type the FQDN of the load balancer host if you
use load balancing.
Security server
Type the FQDN of the security server host.
View Transfer Server instance
Type the FQDN of the View Transfer Server host.
IMPORTANT If you type your name, the certificate will be invalid.
3 After keytool creates the keystore file, back up the file.
The backup file is useful in case you ever need to rebuild the configuration for the host.
What to do next
To use the self-signed certificate contained in the keystore file, configure the View Connection Server instance,
security server, or View Transfer Server instance to use the certificate. See “Configure a View Connection Server
Instance or Security Server to Use a New Certificate,” on page 80 or “Configure a View Transfer Server
Instance to Use a New Certificate,” on page 81.
To replace the self-signed certificate, obtain a signed certificate from a CA. See “Obtain a Signed Certificate
from a CA,” on page 78.
Obtain a Signed Certificate from a CA
To obtain a signed certificate from a CA, you must create a CSR. For testing purposes, you can obtain a free
temporary certificate based on an untrusted root from Thawte, VeriSign, or GlobalSign.
This procedure assumes that there is no more than one link in the chain between the server certificate and the
root certificate. If you use a temporary certificate, there might be one or more intermediate certificates and you
will need to follow a different procedure. See the instructions provided by the CA that generated the temporary
certificate for more information.
Prerequisites
Create a keystore file and a self-signed certificate.
Procedure
1 Open a command prompt and use keytool to create a CSR.
For example:
keytool -certreq -keyalg "RSA" -file certificate.csr -keystore keys.p12 -storetype pkcs12 -
storepass secret
keytool creates the CSR file in the current directory.
2 Send the CSR to the CA in accordance with the CA's enrollment process and request a certificate in PKCS#7
format.
Some CAs provide certificates only in PKCS#12 format. If you download this type of certificate, you must
convert it to PKCS#7 format.
VMware View Installation Guide
78 VMware, Inc.