5.0
Table Of Contents
- VMware View Installation
- Contents
- VMware View Installation
- System Requirements for Server Components
- System Requirements for Client Components
- Supported Operating Systems for View Agent
- Supported Operating Systems for Windows-Based View Client and View Client with Local Mode
- Hardware Requirements for Local Mode Desktops
- Client Browser Requirements for View Portal
- Remote Display Protocol and Software Support
- Adobe Flash Requirements
- Smart Card Authentication Requirements
- Preparing Active Directory
- Configuring Domains and Trust Relationships
- Creating an OU for View Desktops
- Creating OUs and Groups for Kiosk Mode Client Accounts
- Creating Groups for View Users
- Creating a User Account for vCenter Server
- Create a User Account for View Composer
- Configure the Restricted Groups Policy
- Using View Group Policy Administrative Template Files
- Prepare Active Directory for Smart Card Authentication
- Installing View Composer
- Installing View Connection Server
- Installing the View Connection Server Software
- Installation Prerequisites for View Connection Server
- Install View Connection Server with a New Configuration
- Install a Replicated Instance of View Connection Server
- Configure a Security Server Pairing Password
- Install a Security Server
- Microsoft Windows Installer Command-Line Options
- Uninstalling View Products Silently by Using MSI Command-Line Options
- Configuring User Accounts for vCenter Server and View Composer
- Where to Use the vCenter Server User and Domain User for View Composer
- Configure a vCenter Server User for View Manager, View Composer, and Local Mode
- View Manager Privileges Required for the vCenter Server User
- View Composer Privileges Required for the vCenter Server User
- Local Mode Privileges Required for the vCenter Server User
- Configuring View Connection Server for the First Time
- Configuring View Client Connections
- Sizing Windows Server Settings to Support Your Deployment
- Installing the View Connection Server Software
- Installing View Transfer Server
- Configuring SSL Certificates for View Servers
- Configuring SSL Certificates for View Connection Server and Security Server
- Configuring SSL Certificates for View Transfer Server
- Prepare an Existing Certificate in PKCS#12 Format for Use with View Transfer Server
- Obtain a Signed Certificate from a CA for Use with a View Transfer Server Instance
- Generate a Self-Signed Certificate for View Transfer Server
- Configure a View Transfer Server Instance to Use a Certificate
- Configure SSL for View Transfer Server Communications
- Configuring Certificate Checking in View Client for Windows
- Appendix: Additional SSL Configuration Tasks
- Creating an Event Database
- Installing and Starting View Client
- Index
4 Restart the View Connection Server service to make your changes take effect.
In a replicated group, you must restart the service on each View Connection Server instance and on each
paired security server.
5 Reconfigure any firewalls and load balancers to permit client connections using the new SSL configuration.
See the VMware View Architecture Planning document for more information.
Configuring SSL Certificates for View Transfer Server
If you enable SSL for local mode operations and local desktop provisioning, View Transfer Server instances
require an SSL server certificate. You must replace the default certificate that is generated when you install
View Transfer Server.
You can replace the default certificate with a certificate that is signed by a CA or, for testing purposes, you can
generate and use a self-signed certificate.
IMPORTANT Replace the default certificate as soon as possible. The default certificate is not signed by a
Certificate Authority (CA). Use of certificates that are not signed by a CA can allow untrusted parties to
intercept traffic by masquerading as your server.
You perform the following tasks to configure an SSL server certificate for View Transfer Server:
1 Add the openssl utility to your system path.
You use the openssl utility to create and manage certificates for View Transfer Server. See “Add openssl
to the System Path,” on page 89.
2 Determine your certificate configuration path.
Starting Place Action
You do not have an SSL server
certificate.
Obtain a signed SSL server certificate from a CA. See “Obtain a Signed
Certificate from a CA for Use with a View Transfer Server Instance,” on
page 84.
Alternatively, for testing purposes, you can generate and use a self-signed
certificate. See “Generate a Self-Signed Certificate for View Transfer Server,”
on page 85.
Your organization provided you with
a valid SSL server certificate in
PKCS#12 format.
You must export the private key and server certificate into PEM format. See
“Prepare an Existing Certificate in PKCS#12 Format for Use with View Transfer
Server,” on page 84.
Your organization provided you with
a valid SSL server certificate in
PKCS#7 format and a separate
private key.
You can use the certificate to replace the default SSL server certificate provided
with View Transfer Server. See “Configure a View Transfer Server Instance to
Use a Certificate,” on page 85.
NOTE A certificate that is used with View Transfer Server must be in PEM format. If your certificate is
not in PEM format, you must export the certificate into PEM format.
3 Configure View Transfer Server to use the SSL server certificate. See “Configure a View Transfer Server
Instance to Use a Certificate,” on page 85.
4 Configure settings in View Administrator to use SSL for local mode provisioning and other local mode
operations. See “Configure SSL for View Transfer Server Communications,” on page 87.
Chapter 7 Configuring SSL Certificates for View Servers
VMware, Inc. 83