5.8
Table Of Contents
- VMware vRealize Configuration Manager Security Guide
- Contents
- About This Book
- Introduction to VCM Security
- Domain Infrastructure
- VCM Installation Kits
- Server Zone Security
- VCM Collector Server
- SQL Server
- Web Server
- VCM Agent Systems and Managed Machines
- VCM User Interface System
- Decommissioning
- Authentication
- Transport Layer Security
- Keys and Certificates
- How VCM Uses Certificates
- Installing Certificates for the VCM Collector
- Changing Certificates
- Delivering Initial Certificates to Agents
- Storing and Transporting Certificates
- Mark a Certificate as Authorized on Windows
- Creating Certificates Using Makecert
- Update the Collector Certificate Thumbprint in the VCM Database
- Managing the VCM UNIX Agent Certificate Store
- Supplemental References
- Index
The Microsoft CSPs that ship with Windows 2000, Windows Sever 2003, Windows XP, Windows Vista,
Windows 7, and Windows Server 2008 meet the FIPS 140–2 standard. Do not delete, replace, or
supplement these packages with non-FIPS cryptography. The Microsoft CSPs that ship with Windows
Server 8 and Windows Server 2012 are not yet (15 July 2013) FIPS 140-2 validated. See
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140InProcess.pdf.
All systems in this zone are Microsoft Windows-based. To view the list of installed cryptography
providers, run the following command:
C:\> certutil -csplist
Check your list against the National Institute of Standards and Technology (NIST) Computer Security
Resource Center (CSRC) Web site to verify that your modules are FIPS 140-validated.
VCM Security Guide
24
VMware, Inc.