5.0
Table Of Contents
- VMware View Installation
- Contents
- VMware View Installation
- System Requirements for Server Components
- System Requirements for Client Components
- Supported Operating Systems for View Agent
- Supported Operating Systems for Windows-Based View Client and View Client with Local Mode
- Hardware Requirements for Local Mode Desktops
- Client Browser Requirements for View Portal
- Remote Display Protocol and Software Support
- Adobe Flash Requirements
- Smart Card Authentication Requirements
- Preparing Active Directory
- Configuring Domains and Trust Relationships
- Creating an OU for View Desktops
- Creating OUs and Groups for Kiosk Mode Client Accounts
- Creating Groups for View Users
- Creating a User Account for vCenter Server
- Create a User Account for View Composer
- Configure the Restricted Groups Policy
- Using View Group Policy Administrative Template Files
- Prepare Active Directory for Smart Card Authentication
- Installing View Composer
- Installing View Connection Server
- Installing the View Connection Server Software
- Installation Prerequisites for View Connection Server
- Install View Connection Server with a New Configuration
- Install a Replicated Instance of View Connection Server
- Configure a Security Server Pairing Password
- Install a Security Server
- Microsoft Windows Installer Command-Line Options
- Uninstalling View Products Silently by Using MSI Command-Line Options
- Configuring User Accounts for vCenter Server and View Composer
- Where to Use the vCenter Server User and Domain User for View Composer
- Configure a vCenter Server User for View Manager, View Composer, and Local Mode
- View Manager Privileges Required for the vCenter Server User
- View Composer Privileges Required for the vCenter Server User
- Local Mode Privileges Required for the vCenter Server User
- Configuring View Connection Server for the First Time
- Configuring View Client Connections
- Sizing Windows Server Settings to Support Your Deployment
- Installing the View Connection Server Software
- Installing View Transfer Server
- Configuring SSL Certificates for View Servers
- Configuring SSL Certificates for View Connection Server and Security Server
- Configuring SSL Certificates for View Transfer Server
- Prepare an Existing Certificate in PKCS#12 Format for Use with View Transfer Server
- Obtain a Signed Certificate from a CA for Use with a View Transfer Server Instance
- Generate a Self-Signed Certificate for View Transfer Server
- Configure a View Transfer Server Instance to Use a Certificate
- Configure SSL for View Transfer Server Communications
- Configuring Certificate Checking in View Client for Windows
- Appendix: Additional SSL Configuration Tasks
- Creating an Event Database
- Installing and Starting View Client
- Index
Prepare an Existing Certificate in PKCS#12 Format for Use with View Transfer
Server
An SSL certificate that is used with a View Transfer Server instance must be in PEM format. If you have an
existing certificate in PKCS#12 format, you can use openssl to export the private key and server certificate in
PEM format.
If you have an existing server certificate in PKCS#7 format and a separate private key, you can go directly to
the procedure described in “Configure a View Transfer Server Instance to Use a Certificate,” on page 85.
Prerequisites
Verify that openssl was added to the system Path variable on your host. See “Add openssl to the System
Path,” on page 89.
Procedure
1 On the View Transfer Server system, open a command prompt and use openssl to export the private key
from your .p12 or .pfx certificate file.
For example: openssl pkcs12 -in server.pfx -nocerts -out key.pem
2 Remove the pass phrase from the private key and save it to the file server.key.
This step prevents Apache from prompting you for your pass phrase each time it is restarted.
For example: openssl rsa -in key.pem -out server.key
3 Export the server certificate from your certificate file and save it to the file server.crt.
For example: openssl pkcs12 -in server.pfx -clcerts -nokeys -out server.crt
What to do next
Configure your View Transfer Server instance to use the certificate. See “Configure a View Transfer Server
Instance to Use a Certificate,” on page 85.
Obtain a Signed Certificate from a CA for Use with a View Transfer Server Instance
To obtain a signed certificate from a CA, you must use openssl to generate a private key file and a certificate
signing request (CSR) file. For testing purposes, you can obtain a free temporary certificate based on an
untrusted root from many CAs.
Prerequisites
Determine the fully qualified domain name (FQDN) that client computers use to connect to the host.
Procedure
1 Open a command prompt and use openssl to create a private key file and a CSR file.
For example: openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr
2 When openssl prompts you for a common name, type the fully qualified domain name (FQDN) that client
computers use to connect to the View Transfer Server host.
IMPORTANT If you type your name, the certificate will be invalid.
openssl creates the private key file and the CSR file in the current directory.
VMware View Installation
84 VMware, Inc.