6.2
Table Of Contents
- Installation and Configuration
- Contents
- vRealize Automation Installation and Configuration
- Updated Information
- Installation Overview
- Preparing for Installation
- Minimal Deployment Checklist
- Minimal Deployment
- Distributed Deployment
- Distributed Deployment Checklist
- Distributed Installation Components
- Disabling Load Balancer Health Checks
- Certificate Trust Requirements in a Distributed Deployment
- Installation Worksheets
- Deploy Appliances for vRealize Automation
- Configuring Your Load Balancer
- Configuring Appliances for vRealize Automation
- Configure the Identity Appliance
- Configure the Primary vRealize Appliance
- Configuring Additional Instances of vRealize Appliance
- Enable Time Synchronization on the vRealize Appliance
- Configure Appliance Database on the Secondary vRealize Appliance
- Configure Appliance Database Replication on the Secondary Appliance
- Join a vRealize Appliance to a Cluster
- Disable Unused Services
- Validate the Distributed Deployment
- Test Appliance Database Failover
- Test Appliance Database Failback
- Validate Appliance Database Replication
- Install the IaaS Components in a Distributed Configuration
- Install IaaS Certificates
- Download the IaaS Installer
- Choosing an IaaS Database Scenario
- Install the Primary IaaS Website Component with Model Manager Data
- Install Additional IaaS Website Components
- Install the Primary Manager Service
- Install an Additional Manager Service Component
- Installing Distributed Execution Managers
- Configuring Windows Service to Access the IaaS Database
- Verify IaaS Services
- Installing Agents
- Set the PowerShell Execution Policy to RemoteSigned
- Choosing the Agent Installation Scenario
- Agent Installation Location and Requirements
- Installing and Configuring the Proxy Agent for vSphere
- Installing the Proxy Agent for Hyper-V or XenServer
- Installing the VDI Agent for XenDesktop
- Installing the EPI Agent for Citrix
- Installing the EPI Agent for Visual Basic Scripting
- Installing the WMI Agent for Remote WMI Requests
- Configuring Initial Access
- Configuring Additional Tenants
- Updating vRealize Automation Certificates
- Extracting Certificates and Private Keys
- Updating the Identity Appliance Certificate
- Updating the vRealize Appliance Certificate
- Updating the IaaS Certificate
- Replace the Identity Appliance Management Site Certificate
- Updating the vRealize Appliance Management Site Certificate
- Replace a Management Agent Certificate
- Troubleshooting
- Default Log Locations
- Rolling Back a Failed Installation
- Create a Support Bundle for vRealize Automation
- Installers Fail to Download
- Failed to Install Model Manager Data and Web Components
- Save Settings Warning Appears During IaaS Installation
- WAPI and Distributed Execution Managers Fail to Install
- IaaS Authentication Fails During IaaS Web and Model Management Installation
- Installation or Upgrade Fails with a Load Balancer Timeout Error
- Uninstalling a Proxy Agent Fails
- Validating Server Certificates for IaaS
- Server Times Are Not Synchronized
- RabbitMQ Configuration Fails in a High-Availability Environment
- Encryption.key File has Incorrect Permissions
- Log in to the vRealize Automation Console Fails
- Error Communicating to the Remote Server
- Blank Pages May Appear When Using Internet Explorer 9 or 10 on Windows 7
- Cannot Establish Trust Relationship for the SSL/TLS Secure Channel
- Cannot Log in to a Tenant or Tenant Identity Stores Disappear
- Adding an Endpoint Causes an Internal Error
- Error in Manager Service Communication
- Machine Requests Fail When Remote Transactions Are Disabled
- Credentials Error When Running the IaaS Installer
- Attempts to Log In as the IaaS Administrator with Incorrect UPN Format Credentials Fails with No Explanation
- Email Customization Behavior Has Changed
- Changes Made to /etc/hosts Files Might Be Overwritten
- Network Settings Were Not Successfully Applied
4 Select the certificate type from the Choose Action menu.
If you are using a PEM-encoded certificate, for example for a distributed environment, select Import
PEM Encoded Certificate.
Certificates that you import must be trusted and must also be applicable to all instances of vRealize
Appliance and any load balancer by using Subject Alternative Name (SAN) certificates.
Note If you use certificate chains, specify the certificates in the following order:
n
The client/server certificate signed by the intermediate CA certificate
n
One or more intermediate certificates
n
A root CA certificate
Option Action
Import PEM Encoded Certificate a Copy the certificate values from BEGIN PRIVATE KEY to END PRIVATE KEY,
including the header and footer, and paste them in the RSA Private Key text
box.
b Copy the certificate values from BEGIN CERTIFICATE to END
CERTIFICATE, including the header and footer, and paste them in the
Certificate Chain text box.
c (Optional) If your certificate uses a pass phrase to encrypt the certificate key,
copy the pass phrase and paste it in the Pass Phrase text box.
Generate Self-Signed Certificate a Type a common name for the self-signed certificate in the Common Name
text box. You can use the fully qualified domain name of the virtual appliance
(hostname.domain.name) or a wild card, such as *.mycompany.com.
b Type your organization name, such as your company name, in the
Organization text box.
c Type your organizational unit, such as your department name or location, in
the Organizational Unit text box.
d Type a two-letter ISO 3166 country code, such as US, in the Country text
box.
Keep Existing Leave the current SSL configuration. Select this option to cancel your changes.
5 Click Apply Settings.
The certificate is updated.
Update the vRealize Appliance with the Identity Appliance
Certiļ¬cate
After the Identity Appliance certificate is updated, the system administrator updates the vRealize
Appliance with the new certificate information. This process reestablishes trusted communications
between the virtual appliances.
Use the import-certificate command to import the SSL certificate from the Identity Appliance into the
SSL keystore used by the vRealize Appliance. The alias value specifies the alias under which the
imported certificate is stored in the keystore, and url is the address of the SSL endpoint.
Installation and Configuration
VMware, Inc. 152