4.6
Table Of Contents
- VMware View Installation
- Contents
- VMware View Installation
- System Requirements for Server Components
- System Requirements for Client Components
- Supported Operating Systems for View Agent
- Supported Operating Systems for View Client and View Client with Local Mode
- Hardware Requirements for Local Mode Desktops
- Client Browser Requirements for View Portal
- Remote Display Protocol and Software Support
- Adobe Flash Requirements
- Smart Card Authentication Requirements
- Preparing Active Directory
- Configuring Domains and Trust Relationships
- Creating an OU for View Desktops
- Creating OUs and Groups for Kiosk Mode Client Accounts
- Creating Groups for View Users
- Creating a User Account for vCenter Server
- Create a User Account for View Composer
- Configure the Restricted Groups Policy
- Using View Group Policy Administrative Template Files
- Prepare Active Directory for Smart Card Authentication
- Installing View Composer
- Installing View Connection Server
- Installing the View Connection Server Software
- Installation Prerequisites for View Connection Server
- Install View Connection Server with a New Configuration
- Install a Replicated Instance of View Connection Server
- Configure a Security Server Pairing Password
- Install a Security Server
- Microsoft Windows Installer Command-Line Options
- Uninstalling View Products Silently by Using MSI Command-Line Options
- Configuring User Accounts for vCenter Server and View Composer
- Where to Use the vCenter Server User and Domain User for View Composer
- Configure a vCenter Server User for View Manager, View Composer, and Local Mode
- View Manager Privileges Required for the vCenter Server User
- View Composer Privileges Required for the vCenter Server User
- Local Mode Privileges Required for the vCenter Server User
- Configuring View Connection Server for the First Time
- Configuring View Client Connections
- Sizing Windows Server Settings to Support Your Deployment
- Installing the View Connection Server Software
- Installing View Transfer Server
- Configuring Certificate Authentication
- Replacing the Default Certificate
- Add keytool and openssl to the System Path
- Use an Existing PKCS#12 Certificate and Private Key
- Convert a PKCS#12 Keystore to JKS Format
- Creating a New SSL Certificate
- Configure a View Connection Server Instance or Security Server to Use a New Certificate
- Configure a View Transfer Server Instance to Use a New Certificate
- Configure SSL for Client Connections
- Configure SSL for View Transfer Server Communications
- Using Group Policy to Configure Certificate Checking in View Client
- Creating an Event Database
- Installing and Starting View Client
- Install the Windows-Based View Client or View Client with Local Mode
- Start the Windows-Based View Client or View Client with Local Mode
- Install View Client by Using View Portal
- Install View Client on Mac OS X
- Start View Client on Mac OS X
- Set Printing Preferences for the Virtual Printer Feature on Windows Clients
- Using USB Printers
- Installing View Client Silently
- Index
Obtain a Signed Certificate from a CA for Use with a View Transfer Server Instance
To obtain a signed certificate from a CA, you must use openssl to generate a private key file and a certificate
signing request (CSR). For testing purposes, you can obtain a free temporary certificate based on an untrusted
root from GlobalSign, Thawte, or VeriSign.
Prerequisites
Determine the fully qualified domain name (FQDN) that client computers use to connect to the host.
Procedure
1 Open a command prompt and use openssl to create a private key file and a CSR.
For example: openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr
2 When openssl prompts you for a common name, type the fully qualified domain name (FQDN) that client
computers use to connect to the View Transfer Server host.
IMPORTANT If you type your name, the certificate will be invalid.
openssl creates the private key file and the CSR file in the current directory.
3 Send the CSR to the CA in accordance with the CA's enrollment process and request a certificate in PEM
format.
Some CAs provide certificates in a format other than PEM. If you download this type of certificate, you
must convert it to PEM format.
After conducting some checks on your company, the CA signs your request, encrypts it with a private key,
and sends you a validated certificate.
What to do next
Configure the View Transfer Server instance to use the server SSL certificate. See “Configure a View Transfer
Server Instance to Use a New Certificate,” on page 86.
Import an Intermediate Certificate into a Keystore File
If your server certificate is signed by an intermediate CA rather than by a root CA, you must add the
intermediate certificate to the keystore before you add the server certificate.
Prerequisites
Request and obtain an intermediate certificate from the intermediate CA.
Procedure
1 Save the intermediate certificate as intermediateCA.p7 in the directory that contains the keystore file.
2 Import the intermediate certificate into the keystore file.
For example:
keytool -importcert -keystore keys.jks -storepass secret -trustcacerts -alias intermediateCA -
file intermediateCA.p7
What to do next
If you downloaded a server certificate, import it into your keystore file. See “Import a Signed Server Certificate
into a Keystore File,” on page 85.
VMware View Installation
84 VMware, Inc.