3.1
Table Of Contents
- View Manager Administration Guide
- Contents
- About This Book
- Introduction
- Installation
- View Administrator
- Virtual Desktop Deployment
- Client Management
- View Client and View Portal
- Client Connections from the Internet
- Creating SSL Server Certificates
- Using Existing SSL Certificates
- Smart Card Authentication
- RSA SecurID Authentication
- View Client Command Line Options
- Virtual Printing
- Adobe Flash Bandwidth Reduction
- Client Device Information
- Enabling HP RGS Display Protocol
- View Composer
- Overview of View Composer
- Preparing VirtualCenter for View Composer
- Preparing a Parent VM
- Deploying Linked Clone Desktops from View Manager
- Refreshing, Recomposing, and Rebalancing Linked Clone Desktops
- Using an Existing View Composer Database
- Using the SviConfig Tool for View Composer
- Offline Desktop
- Component Policies
- Unified Access
- Troubleshooting
- locked.properties
- Glossary
- Index
View Manager Administration Guide
92 VMware, Inc.
YoucanreplacethedefaultcertificateprovidedwithViewwithaproperlydefined
certificatefortheservice.IfthecertificateissignedbyatrustedCA,userswillnotbe
presentedwithmessagesaskingthemtoverifythecertificate,andthinclientdevices
willbeabletoconnectwithoutrequiringadditional
configuration.
TocreateandinstallyourowncertificateyoumustfirstaddtheJavakeytoolutilityto
yourcommandpathsothatyoucanexecuteitfromanylocationusingthecommand
prompt.Oncethisisdoneyoucancreateaself‐signedSSLcertificateusingthekeytool
utility.
Toobtain
avalidatedcertificatethathasbeensignedbyatrustedthird‐partyyoumust
firstsubmitacertificatesigningrequest(CSR)totheCA.Onceyouhavereceiveda
trustedcertificatefromtheCAyoucanimportitintothekeystorefortheView
ConnectionServer,andthenconfigureViewConnection
Servertouseit.
Creating an SSL Certificate
Decidingwhatnametobindtoacertificateisanimportantconsideration.Acertificate
bindsthenameoftheservicetoacryptographickeypairand,indoingso,assumes
ownershipoftheserviceandkeys.
Oncethecertificateissignedtheclientcantrusttheserver(anditscryptographickey)
becausetheCAindependentlydeterminedthattheorganizationthatisclaiming
ownershiprequestedthekey.
Themostimportantpartofthecertificateisthecommonname(CN)attribute.Usethe
FQDNthattheclientcomputerusestoconnecttotheViewConnectionServer.Ina
single‐serverenvironment,thename
istypicallythenameoftheserver.Ifload
balancingisbeingused,usetheload‐balancername.
To add the Java keytool to the system path
1PresstheWindowskey+BreaktodisplaytheWindowsSystemPropertiesdialog
box.
2UndertheAdvancedtab,clickEnvironmentVariables.
3IntheSystemvariablesgroup,selectPATHandthenclickEdit.
N
OTEYoumayalreadyhaveanSSLcertificatethatyouwanttousewithView
ConnectionServer.Referto“UsingExistingSSLCertificates”onpage 96formore
informationonhowtodothis.