6.4
Table Of Contents
- VMware vRealize Operations for Published Applications Installation and Administration
- Contents
- VMware vRealize Operations for Published Applications Installation and Administration
- Introducing vRealize Operations for Published Applications
- System Requirements for vRealize Operations for Published Applications
- Installing and Configuring vRealize Operations for Published Applications
- Install and Configure vRealize Operations for Published Applications
- Downloading the vRealize Operations for Published Applications Installation Files
- Install the vRealize Operations for Published Applications Solution
- Open the Ports Used by vRealize Operations for Published Applications
- Adding a vRealize Operations for Published Applications License Key
- Associate XD-XA Objects with Your vRealize Operations for Published Applications License Key
- Create an Instance of the vRealize Operations for Published Applications 6.4 Adapter
- Enabling Firewall Rules for XenDesktop Delivery Controllers and PVS Server
- Install the vRealize Operations for Published Applications Broker Agent
- Configure the vRealize Operations for Published Applications Broker Agent
- Configure Broker Agent to use Non-Admin User for Citrix Desktop Delivery Controller
- Install a vRealize Operations for Published Applications Desktop Agent
- Push the vRealize Operations for Published Applications Desktop Agent Pair Token Using a Group Policy
- Install and Configure vRealize Operations for Published Applications
- Enable PowerShell Remoting on the Server
- Enabling HTTP or HTTPS Protocols for PowerShell Remoting
- Monitoring Your Citrix XenDesktop and Citrix XenApp Environments
- Managing RMI Communication in vRealize Operations for Published Applications
- Changing the Default TLS Configuration in vRealize Operations for Published Applications
- Managing Authentication in vRealize Operations for Published Applications
- Certificate and Trust Store Files
- Replacing the Default Certificates
- Certificate Pairing
- SSL/TLS and Authentication-Related Log Messages
- Upgrade vRealize Operations for Published Applications
- Create a vRealize Operations Manager Support Bundle
- Download vRealize Operations for Published Applications Broker Agent Log Files
- Download vRealize Operations for Published Applications Desktop Agent Log Files
- View Collector and vRealize Operations for Published Applications Adapter Log Files
- Modify the Logging Level for vRealize Operations for Published Applications Adapter Log Files
- Index
Ensure that your setup meets the following requirements when generating an SSL certicate to use with
PowerShell remoting:
n
Set the Certicate Enhanced Key Usage (EKU) "Server Authentication" (OID=1.3.6.1.5.5.7.3.1).
n
Set the Certicate Subject to "CN=HOSTNAME".
In all these methods, an SSL certicate in PKCS12 format (PFX le) without a password is generated.
Create a Self-Signed SSL Certificate Using the IIS Manager
If IIS 7 or IIS 8 is installed on the remote server, you can use the IIS Manager to generate self-signed SSL
certicates.
Procedure
1 Open the IIS Manager.
2 In the Connections pane, select the top-most machine node.
3 Click Server in the Details pane.
4 Click Create Self-Signed in the Actions pane.
5 Enter HOSTNAME as certicate friendly name.
6 Select Personal as the certicate store.
Create a Self-Signed SSL Certificate Using Makecert.exe
makecert.exe is a part of Microsoft Windows SDK. If you have Microsoft Visual Studio .NET installed, you
can use both the makecert.exe and pvk2pfx.exe tools.
Procedure
1 Open the Visual Studio command prompt as an Administrator.
2 Navigate to the folder where you want to create the certicate les.
3 To create a certicate and a private key le, run the following command:
makecert -r -pe -n "CN=HOSTNAME" -eku 1.3.6.1.5.5.7.3.1 -sky exchange -sv HOSTNAME.pvk
HOSTNAME.cer
4 To convert the les into a .pfx le, run the following command:
pvk2pfx -pvk HOSTNAME.pvk -spc HOSTNAME.cer -pfx HOSTNAME.pfx
5 Deploy the generated SSL certicate to the remote server and import it there.
Create a Self-Signed SSL Certificate Using OpenSSL
You can create a self-signed certicate using OpenSSL.
Prerequisites
Download the Win32 OpenSSL Light package for generating SSL certicates from
hp://slproweb.com/products/Win32OpenSSL.html to a folder of your choice; for example,
C:\Utils\OpenSSL.
Procedure
1 To add Server Authentication to EKU, open openssl.cfg and add extendedKeyUsage seing under the
v3_ca section.
[ v3_ca ] extendedKeyUsage = serverAuth
Chapter 6 Enabling HTTP or HTTPS Protocols for PowerShell Remoting
VMware, Inc. 31