6.2
Table Of Contents
- Installation and Configuration
- Contents
- vRealize Automation Installation and Configuration
- Updated Information
- Installation Overview
- Preparing for Installation
- Minimal Deployment Checklist
- Minimal Deployment
- Distributed Deployment
- Distributed Deployment Checklist
- Distributed Installation Components
- Disabling Load Balancer Health Checks
- Certificate Trust Requirements in a Distributed Deployment
- Installation Worksheets
- Deploy Appliances for vRealize Automation
- Configuring Your Load Balancer
- Configuring Appliances for vRealize Automation
- Configure the Identity Appliance
- Configure the Primary vRealize Appliance
- Configuring Additional Instances of vRealize Appliance
- Enable Time Synchronization on the vRealize Appliance
- Configure Appliance Database on the Secondary vRealize Appliance
- Configure Appliance Database Replication on the Secondary Appliance
- Join a vRealize Appliance to a Cluster
- Disable Unused Services
- Validate the Distributed Deployment
- Test Appliance Database Failover
- Test Appliance Database Failback
- Validate Appliance Database Replication
- Install the IaaS Components in a Distributed Configuration
- Install IaaS Certificates
- Download the IaaS Installer
- Choosing an IaaS Database Scenario
- Install the Primary IaaS Website Component with Model Manager Data
- Install Additional IaaS Website Components
- Install the Primary Manager Service
- Install an Additional Manager Service Component
- Installing Distributed Execution Managers
- Configuring Windows Service to Access the IaaS Database
- Verify IaaS Services
- Installing Agents
- Set the PowerShell Execution Policy to RemoteSigned
- Choosing the Agent Installation Scenario
- Agent Installation Location and Requirements
- Installing and Configuring the Proxy Agent for vSphere
- Installing the Proxy Agent for Hyper-V or XenServer
- Installing the VDI Agent for XenDesktop
- Installing the EPI Agent for Citrix
- Installing the EPI Agent for Visual Basic Scripting
- Installing the WMI Agent for Remote WMI Requests
- Configuring Initial Access
- Configuring Additional Tenants
- Updating vRealize Automation Certificates
- Extracting Certificates and Private Keys
- Updating the Identity Appliance Certificate
- Updating the vRealize Appliance Certificate
- Updating the IaaS Certificate
- Replace the Identity Appliance Management Site Certificate
- Updating the vRealize Appliance Management Site Certificate
- Replace a Management Agent Certificate
- Troubleshooting
- Default Log Locations
- Rolling Back a Failed Installation
- Create a Support Bundle for vRealize Automation
- Installers Fail to Download
- Failed to Install Model Manager Data and Web Components
- Save Settings Warning Appears During IaaS Installation
- WAPI and Distributed Execution Managers Fail to Install
- IaaS Authentication Fails During IaaS Web and Model Management Installation
- Installation or Upgrade Fails with a Load Balancer Timeout Error
- Uninstalling a Proxy Agent Fails
- Validating Server Certificates for IaaS
- Server Times Are Not Synchronized
- RabbitMQ Configuration Fails in a High-Availability Environment
- Encryption.key File has Incorrect Permissions
- Log in to the vRealize Automation Console Fails
- Error Communicating to the Remote Server
- Blank Pages May Appear When Using Internet Explorer 9 or 10 on Windows 7
- Cannot Establish Trust Relationship for the SSL/TLS Secure Channel
- Cannot Log in to a Tenant or Tenant Identity Stores Disappear
- Adding an Endpoint Causes an Internal Error
- Error in Manager Service Communication
- Machine Requests Fail When Remote Transactions Are Disabled
- Credentials Error When Running the IaaS Installer
- Attempts to Log In as the IaaS Administrator with Incorrect UPN Format Credentials Fails with No Explanation
- Email Customization Behavior Has Changed
- Changes Made to /etc/hosts Files Might Be Overwritten
- Network Settings Were Not Successfully Applied
Replace the Internet Information Services Certificate
The system administrator can replace an expired certificate or a self-signed certificate with one from a
certificate authority to ensure security in a distributed deployment environment.
You can use a Subject Alternative Name (SAN) certificate on multiple machines. Import the certificate to
the trusted root certificate store of all machines on which you installed the Website Component and
Manager Service (the IIS machines) during the IaaS installation.
Procedure
1 Obtain a certificate from a trusted certificate authority.
2 Open the Internet Information Services (IIS) Manager.
3 Double-click Server Certificates from Features View.
4 Click Import in the Actions pane.
a Enter a file name in the Certificate file text box, or click the browse button (…), to navigate to the
name of a file where the exported certificate is stored.
b Enter a password in the Password text box if the certificate was exported with a password.
c Select Mark this key as exportable.
5 Click OK.
6 Click on the imported certificate and select View.
7 Verify that the certificate and its chain is trusted.
If the certificate is untrusted, you see the message, This CA root certificate is not trusted.
Note You must resolve the trust issue before proceeding with the installation. If you continue, your
deployment fails.
8 Update IIS bindings.
a Select the site that hosts the component Web site and model manager.
b Click Bindings in the Action pane.
c Click Edit on the https (443) in the Site Bindings dialog box.
d Change the SSL certificate to the newly imported one.
9 Restart IIS or open an elevated command prompt window and type iisreset.
Update the vRealize Appliance with the IaaS Certificate
After certificates are updated on the IaaS servers, the system administrator updates the component
registry to reestablish trusted communications between the virtual appliances and IaaS components.
Installation and Configuration
VMware, Inc. 158