VMware CLOUD DIRECTOR 1.0 Configuration Manual page 19

Prerequisites
Follow the procedure in
n
names and their associated IP addresses on this host, along with a service choice for each domain name.
You must have access to a computer that has a Java 6 runtime environment, so that you can use the
n
command to create the certificate. The Cloud Director installer places a copy of
cloud-director/jre/bin/keytool
runtime environment installed. Creating and importing the certificates before you install and configure
Cloud Director software simplifies the installation and configuration process. The command-line
examples assume that
as passwd.
Procedure
1 Create an untrusted certificate for the HTTP service host.
This command creates an untrusted certificate in a keystore file named
keytool -keystore certificates.ks -storetype JCEKS -storepass
alias http
In response to the keytool question:
What is your first and last name?
enter the fully qualified domain name of the HTTP service host. For the remaining questions, provide
answers appropriate for your organization and location, as shown in this example.
What is your first and last name? [Unknown]:mycloud.example.com
What is the name of your organizational unit? [Unknown]:Engineering
What is the name of your organization? [Unknown]:Example Corporation
What is the name of your City or Locality? [Unknown]:Palo Alto
What is the name of your State or Province? [Unknown]:California
What is the two-letter country code for this unit? [Unknown]:US
Is CN=mycloud.example.com, OU=Engineering, O="Example Corporation", L="Palo Alto",
ST=California, C=US correct?[no]: yes
Enter key password for <http> (RETURN if same as keystore password):
2 Create an untrusted certificate for the console proxy service host.
This command adds an untrusted certificate to the keystore file created in
keytool -keystore certificates.ks -storetype JCEKS -storepass
alias consoleproxy
In response to the keytool question:
What is your first and last name?
enter the fully qualified domain name of the console proxy service host. For the remaining questions,
provide answers appropriate for your organization and location, as shown in the example in
3 To verify that all the certificates have been imported, list the contents of the keystore file.
keytool -storetype JCEKS -storepass
4 Repeat this procedure to create certificates for each additional Cloud Director host.
VMware, Inc.
Chapter 1 Overview of VMware Cloud Director Installation and Configuration
"Creating SSL Certificates,"
, but you can perform this procedure on any computer that has a Java
is in the user's path. The keystore password is represented in these examples
keytool
passwd -keystore certificates.ks -list
on page 15 to generate a list of fully-qualified domain
certificates.ks
passwd -genkey -keyalg RSA -
Step
passwd -genkey -keyalg RSA -
keytool
in
keytool /opt/vmware/
.
1.
Step 1.
19