5.0
Table Of Contents
- VMware View Installation
- Contents
- VMware View Installation
- System Requirements for Server Components
- System Requirements for Client Components
- Supported Operating Systems for View Agent
- Supported Operating Systems for Windows-Based View Client and View Client with Local Mode
- Hardware Requirements for Local Mode Desktops
- Client Browser Requirements for View Portal
- Remote Display Protocol and Software Support
- Adobe Flash Requirements
- Smart Card Authentication Requirements
- Preparing Active Directory
- Configuring Domains and Trust Relationships
- Creating an OU for View Desktops
- Creating OUs and Groups for Kiosk Mode Client Accounts
- Creating Groups for View Users
- Creating a User Account for vCenter Server
- Create a User Account for View Composer
- Configure the Restricted Groups Policy
- Using View Group Policy Administrative Template Files
- Prepare Active Directory for Smart Card Authentication
- Installing View Composer
- Installing View Connection Server
- Installing the View Connection Server Software
- Installation Prerequisites for View Connection Server
- Install View Connection Server with a New Configuration
- Install a Replicated Instance of View Connection Server
- Configure a Security Server Pairing Password
- Install a Security Server
- Microsoft Windows Installer Command-Line Options
- Uninstalling View Products Silently by Using MSI Command-Line Options
- Configuring User Accounts for vCenter Server and View Composer
- Where to Use the vCenter Server User and Domain User for View Composer
- Configure a vCenter Server User for View Manager, View Composer, and Local Mode
- View Manager Privileges Required for the vCenter Server User
- View Composer Privileges Required for the vCenter Server User
- Local Mode Privileges Required for the vCenter Server User
- Configuring View Connection Server for the First Time
- Configuring View Client Connections
- Sizing Windows Server Settings to Support Your Deployment
- Installing the View Connection Server Software
- Installing View Transfer Server
- Configuring SSL Certificates for View Servers
- Configuring SSL Certificates for View Connection Server and Security Server
- Configuring SSL Certificates for View Transfer Server
- Prepare an Existing Certificate in PKCS#12 Format for Use with View Transfer Server
- Obtain a Signed Certificate from a CA for Use with a View Transfer Server Instance
- Generate a Self-Signed Certificate for View Transfer Server
- Configure a View Transfer Server Instance to Use a Certificate
- Configure SSL for View Transfer Server Communications
- Configuring Certificate Checking in View Client for Windows
- Appendix: Additional SSL Configuration Tasks
- Creating an Event Database
- Installing and Starting View Client
- Index
This chapter includes the following topics:
n
“Configuring SSL Certificates for View Connection Server and Security Server,” on page 76
n
“Configuring SSL Certificates for View Transfer Server,” on page 83
n
“Configuring Certificate Checking in View Client for Windows,” on page 87
n
“Appendix: Additional SSL Configuration Tasks,” on page 88
Configuring SSL Certificates for View Connection Server and Security
Server
You can configure SSL server certificates for View Connection Server instances and security servers.
You perform the following tasks to configure an SSL server certificate for View Connection Server or security
server:
1 Add the keytool utility to your system path on the View Connection Server instance or security server.
You use the keytool utility to create keystore files, generate certificate requests, import certificates into
keystores, and add private keys to keystores. See “Add keytool to the System Path,” on page 89.
2 Determine whether you need to obtain a new signed SSL server certificate from a CA. If you already have
a valid SSL certificate, determine your configuration path.
Starting Place Action
Your organization provided you with a
valid SSL server certificate.
Determine the configuration path to take, depending on your SSL
certificate format. See “Use an Existing SSL Certificate and Private
Key,” on page 76.
You do not have an SSL server certificate. Obtain a signed SSL server certificate from a CA. See “Creating a New
SSL Certificate,” on page 78.
3 Configure View Connection Server or security server to use the SSL server certificate. See “Configure a
View Connection Server Instance or Security Server to Use a New Certificate,” on page 81.
4 Configure settings in View Administrator to use SSL for client connections. See “Configure SSL for Client
Connections,” on page 82.
Use an Existing SSL Certificate and Private Key
If your organization already has a valid SSL server certificate, you can use that certificate to replace the default
SSL server certificate provided with View Connection Server.
To use an existing certificate, you also need the accompanying private key. The PKCS#12 file format, formerly
called PFX file format, includes both the server certificate and the private key. The PKCS#12 file type can have
a .pfx or .p12 extension.
Table 7-1 shows the configuration path to take when you start with a particular SSL certificate format.
Table 7-1. SSL Certificate Formats and Configuration Path
If you have this SSL certificate
format... Take these steps
PKCS#12 signed by a root CA If a PKCS#12 file contains a server certificate that is signed by a root CA and not
an intermediate CA, you can use your existing PKCS#12 file when you configure
your View Connection Server instance or security server to use the certificate.
See “Configure a View Connection Server Instance or Security Server to Use a
New Certificate,” on page 81.
PKCS#12 signed by an intermediate CA If a PKCS#12 file contains a server certificate that is signed by an intermediate
CA rather than by a root CA, you must import the PKCS#12 keystore into a JKS
keystore. See “Convert a PKCS#12 File to JKS Format,” on page 78.
VMware View Installation
76 VMware, Inc.