5.1
Table Of Contents
- Obtaining SSL Certificates for VMware View Servers
- Contents
- Obtaining SSL Certificates for VMware View Servers
- Obtaining SSL Certificates from a Certificate Authority
- Index
2 Generate a CSR and Request a Signed Certificate from a CA on page 10
Using the completed configuration file, you can generate a CSR by running the certreq utility. You send
the request to a third-party CA, which returns a signed certificate.
3 Import a Signed Certificate by Using Certreq on page 11
When you have a signed certificate from a CA, you can import the certificate into the Windows local
computer certificate store on the View server host.
4 Set Up an Imported Certificate for a View Server on page 12
After you import a server certificate into the Windows local computer certificate store, you must take
additional steps to allow a View server to use the certificate.
Create a CSR Configuration File
The Microsoft certreq utility uses a configuration file to generate a CSR. You must create a configuration file
before you can generate the request. Create the file and generate the CSR on the Windows Server computer
that hosts the View server that will use the certificate.
Procedure
1 Open a text editor and paste the following text, including the beginning and ending tags, into the file.
;----------------- request.inf -----------------
[Version]
Signature="$Windows NT$
[NewRequest]
Subject = "CN=
View_Server_FQDN
, OU=
Organizational_Unit
, O=
Organization
,
L=
City
, S=
State
, C=
Country
"
; Replace
View_Server_FQDN
with the FQDN of the View server.
; Replace the remaining Subject attributes.
KeySpec = 1
KeyLength = 2048
; KeyLength is usually chosen from 2048, 3072, or 4096. A KeyLength
; of 1024 is also supported, but it is not recommended.
Exportable = TRUE
MachineKeySet = TRUE
SMIME = False
PrivateKeyArchive = FALSE
UserProtected = FALSE
UseExistingKeySet = FALSE
ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
ProviderType = 12
RequestType = PKCS10
KeyUsage = 0xa0
[EnhancedKeyUsageExtension]
OID=1.3.6.1.5.5.7.3.1 ; this is for Server Authentication
;-----------------------------------------------
Chapter 1 Obtaining SSL Certificates from a Certificate Authority
VMware, Inc. 9