Preparing an SSL Certificate Template for VMware View 5.2 is quite easy compared to the other vCenter components. What we have to keep in mind in this case is that the Private Key need to be exportable since both View Composer and View Connection Server requieres that option.
First of all let's go in our Certification Authority to find our Certificate Templates And select Manage from the contextual menu (or you may use the shortcut certtmpl.msc to go straight to the template console)
Now let's duplicate our Web Server template by using the contextual menu action Duplicate Template
We pick Windows Server 2003 Enterprise as a Minimal Supported CA
We can now start to customize our View SSL Template.
Let's start by giving it a descriptive label like VMware View SSL (note the difference between the display name and the template name, the display name has some escape characters while the template name doesn't).
Our template will be refered as VMwareViewSSL later on.
Our template should only be used for Server Authentication as we don't need Client Authentication here.
Next we're going to Edit the Key Usage.
We tick Allow encryption of user data
In the Request Handling tab, the most important part is to tick the option Allow private key to be exported.
We do a quick check in the Subject Name tab to ensure that the Supply in the request option is ticked. This is important for the Subject Alternative Name (SAN) property.
We validate the creation of our template and we should be able to see it among our templates
We quit the Template console and we're back in our CA's Menu.
Let's enable the template by using New >> Certificate Template to Issue from the contextual menu over the Certificate Templates folder
Once that we're in the Enable Certificate Templates menu, we choose our VMware View SSL template and we validate.
Our Template is now issued and ready to be used!
Aucun commentaire:
Enregistrer un commentaire