6.3
Table Of Contents
- VMware vRealize Operations for Published Applications Installation and Administration
- Contents
- VMware vRealize Operations for Published Applications Installation and Administration
- Introducing vRealize Operations for Published Applications
- System Requirements for vRealize Operations for Published Applications
- Installing and Configuring vRealize Operations for Published Applications
- Install and Configure vRealize Operations for Published Applications
- Downloading the vRealize Operations for Published Applications Installation Files
- Install the vRealize Operations for Published Applications Solution
- Open the Ports Used by vRealize Operations for Published Applications
- Adding a vRealize Operations for Published Applications License Key
- Associate XD-XA Objects with Your vRealize Operations for Published Applications License Key
- Create an Instance of the vRealize Operations for Published Applications 6.3 Adapter
- Enabling Firewall Rules for XenDesktop Delivery Controllers and PVS Server
- Install the vRealize Operations for Published Applications Broker Agent
- Configure the vRealize Operations for Published Applications Broker Agent
- Configure Broker Agent to use Non-Admin User for Citrix Desktop Delivery Controller
- Install a vRealize Operations for Published Applications Desktop Agent
- Push the vRealize Operations for Published Applications Desktop Agent Pair Token Using a Group Policy
- Install and Configure vRealize Operations for Published Applications
- Enable PowerShell Remoting on the Server
- Enable HTTP Protocol for PowerShell Remoting
- Enable HTTPS Protocol for PowerShell Remoting
- Configure Firewall
- Update the etc/host file for DNS Resolution
- Install the Certificate on the Client
- Test Connection from Client Machine
- Flow of Commands for SSL cert Using makecert
- Monitoring Your Citrix XenDesktop and Citrix XenApp Environments
- Managing RMI Communication in vRealize Operations for Published Applications
- Changing the Default TLS Configuration in vRealize Operations for Published Applications
- Managing Authentication in vRealize Operations for Published Applications
- Certificate and Trust Store Files
- Replacing the Default Certificates
- Certificate Pairing
- SSL/TLS and Authentication-Related Log Messages
- Upgrade vRealize Operations for Published Applications
- Create a vRealize Operations Manager Support Bundle
- Download vRealize Operations for Published Applications Broker Agent Log Files
- Download vRealize Operations for Published Applications Desktop Agent Log Files
- View Collector and vRealize Operations for Published Applications Adapter Log Files
- Modify the Logging Level for vRealize Operations for Published Applications Adapter Log Files
- Index
Certificate Pairing 19
Before broker agents can communicate with the vRealize Operations for Published Applications adapter, the
adapter certificate must be shared with the agents, and the broker agent certificate must be shared with the
adapter. The process of sharing these certificates if referred to as certificate pairing.
The following actions occur during the certificate pairing process:
1 The broker agent's certificate is encrypted with the adapter's server key.
2 A connection is opened to the certificate management server and the encrypted certificate is passed to
the adapter instance. The adapter decrypts the broker agent's certificate by using the server key. If
decryption fails, an error is returned to the broker agent.
3 The broker agent's certificate is placed in the adapter's trust store.
4 The adapter's certificate is encrypted with the adapter's server key.
5 The encrypted certificate is returned to the broker agent. The broker agent decrypts the adapter's
certificate by using the server key. If decryption fails, an error is returned to the user.
6 The adapter's certificate is placed in the broker agent's trust store.
7 The adapter's certificate is sent to all XD-XA hosts via Group Policy.
After the certificates are successfully paired, they are cached in the trust stores for each individual
component. The broker certificate and the trust store are sent to all session hosts. The adapter certificate is
stored in the trust store and the broker certificate is stored in the v4pa-brokeragent.jks. If you provision a
new XD-XA server, the adapter's certificate is sent to the server by using the Group Policy, and you do not
need to pair the certificates again. However, if either the adapter or broker agent certificate changes, you
must pair the certificates again.
You use the vRealize Operations for Published Applications Broker Agent Settings wizard to pair
certificates.
VMware, Inc.
73