5.0
Table Of Contents
- VMware View Installation
- Contents
- VMware View Installation
- System Requirements for Server Components
- System Requirements for Client Components
- Supported Operating Systems for View Agent
- Supported Operating Systems for Windows-Based View Client and View Client with Local Mode
- Hardware Requirements for Local Mode Desktops
- Client Browser Requirements for View Portal
- Remote Display Protocol and Software Support
- Adobe Flash Requirements
- Smart Card Authentication Requirements
- Preparing Active Directory
- Configuring Domains and Trust Relationships
- Creating an OU for View Desktops
- Creating OUs and Groups for Kiosk Mode Client Accounts
- Creating Groups for View Users
- Creating a User Account for vCenter Server
- Create a User Account for View Composer
- Configure the Restricted Groups Policy
- Using View Group Policy Administrative Template Files
- Prepare Active Directory for Smart Card Authentication
- Installing View Composer
- Installing View Connection Server
- Installing the View Connection Server Software
- Installation Prerequisites for View Connection Server
- Install View Connection Server with a New Configuration
- Install a Replicated Instance of View Connection Server
- Configure a Security Server Pairing Password
- Install a Security Server
- Microsoft Windows Installer Command-Line Options
- Uninstalling View Products Silently by Using MSI Command-Line Options
- Configuring User Accounts for vCenter Server and View Composer
- Where to Use the vCenter Server User and Domain User for View Composer
- Configure a vCenter Server User for View Manager, View Composer, and Local Mode
- View Manager Privileges Required for the vCenter Server User
- View Composer Privileges Required for the vCenter Server User
- Local Mode Privileges Required for the vCenter Server User
- Configuring View Connection Server for the First Time
- Configuring View Client Connections
- Sizing Windows Server Settings to Support Your Deployment
- Installing the View Connection Server Software
- Installing View Transfer Server
- Configuring SSL Certificates for View Servers
- Configuring SSL Certificates for View Connection Server and Security Server
- Configuring SSL Certificates for View Transfer Server
- Prepare an Existing Certificate in PKCS#12 Format for Use with View Transfer Server
- Obtain a Signed Certificate from a CA for Use with a View Transfer Server Instance
- Generate a Self-Signed Certificate for View Transfer Server
- Configure a View Transfer Server Instance to Use a Certificate
- Configure SSL for View Transfer Server Communications
- Configuring Certificate Checking in View Client for Windows
- Appendix: Additional SSL Configuration Tasks
- Creating an Event Database
- Installing and Starting View Client
- Index
3 Send the CSR file to the CA in accordance with the CA's enrollment process and request a certificate in
PEM format.
After conducting some checks on your company, the CA signs your request, encrypts it with a private
key, and sends you a validated certificate.
4 If necessary, convert your certificate to PEM format.
Some CAs provide certificates in a format other than PEM. If you download this type of certificate, you
must convert it to PEM format.
For example: openssl x509 -inform der -in certificate.cer -out certificate.pem
What to do next
Configure the View Transfer Server instance to use the SSL server certificate. See “Configure a View Transfer
Server Instance to Use a Certificate,” on page 85.
Generate a Self-Signed Certificate for View Transfer Server
You must replace the default SSL server certificate that is provided when you install a View Transfer Server
instance. For testing purposes, you can generate and use a self-signed certificate to replace the default
certificate.
You use the openssl utility to generate SSL certificates for View Transfer Server.
Prerequisites
Add openssl to the system Path variable on your host. See “Add openssl to the System Path,” on page 89.
Procedure
1 On the View Transfer Server computer, generate the private certificate key.
For example: openssl genrsa -des3 -out server-with-pass.key -passout
password
2048
2 Remove the pass phrase from the private key and save it to the file server.key.
This step prevents Apache from prompting you for your pass phrase each time Apache is restarted.
For example: openssl rsa -in server-with-pass.key -passin
password
-out server.key
3 Generate the self-signed server certificate.
For example: openssl req -new -x509 -days 3650 -key server.key -out server.crt
What to do next
Configure the View Transfer Server instance to use the SSL server certificate. See “Configure a View Transfer
Server Instance to Use a Certificate,” on page 85.
Configure a View Transfer Server Instance to Use a Certificate
To configure a View Transfer Server instance to use an SSL server certificate, you must copy your certificate
and private key files to the View Transfer Server host. You can use an SSL server certificate that is signed by
a CA, or you can generate a self-signed certificate.
The Apache server on the View Transfer Server instance requires Base64 encoded DER (PEM) certificates.
Certificate files and key files must have the extensions .crt and .key respectively.
When you install View Transfer Server, the installer generates the default certificate file, server.crt, and
private key file, server.key. In the following procedure, make sure that you replace these files in the View
Transfer Server certificate directory or configure the Apache configuration file to specify the names of your
own certificate and private key files.
Chapter 7 Configuring SSL Certificates for View Servers
VMware, Inc. 85