3.0.1

Table Of Contents
View Manager Administration Guide
86 VMware, Inc.
Using keytool to Create a Truststore
Fromacommandprompt,enterthefollowingwhere<alias>isaunique(caseinsensitive)
nameforanewentityentryinthetruststore(inthiscase,thecertificateyouareaboutto
import),<certificate>isthenameof therootCAcertificateyoupreviouslyobtained
orexported,and<truststore filename>isthenam
eofthetruststoreoutputfile:
keytool -import -alias <alias> -file <certificate> -keystore
<truststore_filename>
Enabling Smart Card Authentication on the Server
AlltypesofViewConnectionServersupportsmartcardauthenticationbutitis
recommendedthatonlysecurityserversareconfiguredtoallowsmartcardaccess.
If youaddsmartcardsupporttostandardorreplicaserversyouwillbepromptedto
selectacertificateeverytimeyouconnecttoViewAdministratoronthosesy
stems.
To add smart card authentication to View Connection Server
1Copythetruststorefileyoupreviouslycreated(<truststore_filename>)tothe
followinglocationonViewConnectionServer:
C:\Program Files\VMware\View Manager\Server\sslgateway\conf
2 Createatextfilecalledlocked.propertiesthatcontainsthefollowingentries:
trustKeyfile=<truststore filename>
trustStoretype=JKS
useCertAuth=true
ThevaluefortrustKeyfilemustcorrespondtothatof<truststore
filename>.
YoumustrestarttheViewConnectionServerserviceforthesechangestotakeeffect.
N
OTEYoumaybeaskedtocreateapasswordforthekeystore—thisisnotrequiredfor
futureprocedures,butyoushouldrememberitifyouwanttoaddadditional
certificatestothetruststoreatalaterdate.
NOTEInenvironmentswherenotalluserswillauthenticateusingasmartcarditis
alsorecommendedthatyouconfigureanew(oranadditional)securityserver
specificallyforthepurposeofclientsmartcardauthentication.
N
OTEOnceastandardorreplicaViewConnectionServerhasbeenconfigured,you
willbepromptedtochooseacertificatewhenloggingintoViewPortalortoView
Administratoronthatserver.