VMware CLOUD DIRECTOR 1.0 Manual de usuario descargar pdf (Pagina 16)

Table 1-13. SSL Certificate Information

Service Name IP Address Hostname (FQDN)

HTTP 10.100.101.19 foo.example.com

Console Proxy 10.100.101.20 bar.example.com

4 Create the certificates.

You can use signed certificates (signed by a trusted certification authority) or self-signed certificates.

Signed certificates provide the highest level of trust.

To create signed certificates, see “Create and Import a Signed SSL Certificate,” on page 16.

To create self-signed certificates, see “Create a Self-Signed SSL Certificate,” on page 18.

Create and Import a Signed SSL Certificate

Signed certificates provide the highest level of trust for SSL communications.

Each Cloud Director host requires two SSL certificates, one for each of its IP addresses, in a Java keystore file.

You must execute this procedure for each host that you intend to use in your Cloud Director cluster. You can

use signed certificates (signed by a trusted certification authority) or self-signed certificates. Signed certificates

provide the highest level of trust. To create and import self-signed certificates, see “Create a Self-Signed SSL

Certificate,” on page 18.

Prerequisites

Follow the procedure in “Creating SSL Certificates,” on page 15 to generate a list of fully-qualified domain

names and their associated IP addresses on this host, along with a service choice for each domain name.

You must have access to a computer that has a Java 6 runtime environment, so that you can use the

keytool command to create the certificate. The Cloud Director installer places a copy of keytool

in /opt/vmware/cloud-director/jre/bin/keytool, but you can perform this procedure on any computer

that has a Java runtime environment installed. Creating and importing the certificates before you install

and configure Cloud Director software simplifies the installation and configuration process. The

command-line examples assume that keytool is in the user's path. The keystore password is represented

in these examples as passwd.

Procedure

1 Create an untrusted certificate for the HTTP service host.

This command creates an untrusted certificate in a keystore file named certificates.ks.

keytool -keystore certificates.ks -storetype JCEKS -storepass

passwd

-genkey -keyalg RSA -

alias http

In response to the keytool question:

What is your first and last name?

enter the fully qualified domain name of the HTTP service host. For the remaining questions, provide

answers appropriate for your organization and location, as shown in this example.

What is your first and last name? [Unknown]:mycloud.example.com

What is the name of your organizational unit? [Unknown]:Engineering

What is the name of your organization? [Unknown]:Example Corporation

What is the name of your City or Locality? [Unknown]:Palo Alto

What is the name of your State or Province? [Unknown]:California

Cloud Director Installation and Configuration Guide

16 VMware, Inc.

1 2 ... 11 12 13 14 15 16 17 18 19 20 21 ... 33 34

Comentarios a estos manuales

Sin comentarios

VMware CLOUD DIRECTOR 1.0 Manual de usuario Pagina 16

Comentarios a estos manuales

Relacionado con productos y manuales para Manuales de software VMware CLOUD DIRECTOR 1.0