Installation guide
Table Of Contents
- VMware View Installation Guide
- Contents
- About This Book
- System Requirements for Server Components
- System Requirements for Client Components
- Supported Operating Systems for View Agent
- Supported Operating Systems for View Client and View Client with Local Mode
- Hardware Requirements for Local Mode Desktops
- Client Browser Requirements for View Portal
- Remote Display Protocol and Software Support
- Adobe Flash Requirements
- Smart Card Authentication Requirements
- Preparing Active Directory
- Configuring Domains and Trust Relationships
- Creating an OU for View Desktops
- Creating OUs and Groups for Kiosk Mode Client Accounts
- Creating Groups for View Users
- Creating a User Account for vCenter Server
- Create a User Account for View Composer
- Configure the Restricted Groups Policy
- Using View Group Policy Administrative Template Files
- Prepare Active Directory for Smart Card Authentication
- Installing View Composer
- Installing View Connection Server
- Installing the View Connection Server Software
- Installation Prerequisites for View Connection Server
- Install View Connection Server with a New Configuration
- Install a Replicated Instance of View Connection Server
- Configure a Security Server Pairing Password
- Install a Security Server
- Microsoft Windows Installer Command-Line Options
- Uninstalling View Products Silently by Using MSI Command-Line Options
- Configuring User Accounts for vCenter Server and View Composer
- Where to Use the vCenter Server User and Domain User for View Composer
- Configure a vCenter Server User for View Manager, View Composer, and Local Mode
- View Manager Privileges Required for the vCenter Server User
- View Composer Privileges Required for the vCenter Server User
- Local Mode Privileges Required for the vCenter Server User
- Configuring View Connection Server for the First Time
- Configuring View Client Connections
- Sizing Windows Server Settings to Support Your Deployment
- Installing the View Connection Server Software
- Installing View Transfer Server
- Configuring Certificate Authentication
- Replacing the Default Certificate
- Add keytool and openssl to the System Path
- Export an Existing Microsoft IIS SSL Server Certificate
- Creating a New SSL Certificate
- Configure a View Connection Server Instance or Security Server to Use a New Certificate
- Configure a View Transfer Server Instance to Use a New Certificate
- Configure SSL for Client Connections
- Configure SSL for View Transfer Server Communications
- Using Group Policy to Configure Certificate Checking in View Client
- Creating an Event Database
- Installing and Starting View Client
- Install the Windows-Based View Client or View Client with Local Mode
- Start the Windows-Based View Client or View Client with Local Mode
- Install View Client by Using View Portal
- Install View Client on Mac OS X
- Start View Client on Mac OS X
- Set Printing Preferences for the Virtual Printer Feature
- Using USB Printers
- Installing View Client Silently
- Index
Procedure
1 Copy the keystore file that contains your certificate to the SSL gateway configuration directory on the
View Connection Server or security server host.
For example:
install_directory
\VMware\VMware View\Server\sslgateway\conf\keys.p12
2 Add the keyfile and keypass properties to the locked.properties file in the SSL gateway configuration
directory on the View Connection Server or security server host.
If the locked.properties file does not already exist, you must create it.
a Set the keyfile property to the name of your keystore file.
If you exported an existing Microsoft IIS SSL server certificate, set keyfile to the name of your PFX
file.
b Set the keypass property to the password for your keystore file.
If you exported an existing Microsoft IIS SSL server certificate, set keypass to the password that you
used when you exported the certificate.
For example:
keyfile=keys.p12
keypass=MY_PASS
3 Restart the View Connection Server service or Security Server service to make your changes take effect.
Configure a View Transfer Server Instance to Use a New Certificate
To configure a View Transfer Server instance to use a new server SSL certificate, you must copy your certificate
and private key files to the View Transfer Server host.
Prerequisites
n
Add openssl to the system Path variable on your host. See “Add keytool and openssl to the System
Path,” on page 76.
n
Create a self-signed certificate, export an existing Microsoft IIS SSL server certificate, or obtain a signed
certificate from a CA.
Procedure
1 Open a command prompt and use openssl to export the private key file from your PFX or P12 file.
For example: openssl pkcs12 -in filename.pfx -nocerts -out key.pem
2 Export the certificate file from your PFX or P12 file.
For example: openssl pkcs12 -in filename.pfx -clcerts -nokeys -out server.crt
3 Remove the pass phrase from the private key.
This step prevents Apache from prompting you for your pass phrase each time it is restarted.
For example: openssl rsa -in key.pem -out server.key
4 Stop the View Transfer Server service.
5 Copy the certificate and private key files to the directory
install_directory
\VMware\VMware
View\Server\httpd\conf on the View Transfer Server host.
6 Rename the certificate file to server.crt.
7 Rename the private key file to server.key.
Chapter 7 Configuring Certificate Authentication
VMware, Inc. 81