You can configure the Orchestrator configuration server to use a different SSL certificate, for example if your company security policy requires you to use their SSL certificates.
Prerequisites
Make sure that you have generated or installed an SSL certificate signed by a CA.
Procedure
1 | Open the following Orchestrator application server configuration file in a text editor.
|
|
|---|
|
If you installed the standalone version of Orchestrator
|
Go to install_directory\VMware\Orchestrator\configuration\jetty\etc\jetty.xml.
|
|
If the vCenter Server installed Orchestrator
|
Go to install_directory\VMware\Infrastructure\Orchestrator\configuration\jetty\etc\jetty.xml.
|
|
2 | In the jetty.xml file, find the following entry: <Call name="addConnector">
<Arg>
<New class="org.mortbay.jetty.security.SslSocketConnector">
<Set name="Port">8283</Set>
<Set name="maxIdleTime">30000</Set>
<Set name="handshakeTimeout">2000</Set>
<Set name="keystore"><SystemProperty name="jetty.home" default="." />/etc/jssecacerts</Set>
<Set name="password">dunesdunes</Set>
<Set name="keyPassword">dunesdunes</Set>
<Set name="truststore"><SystemProperty name="jetty.home" default="." />/etc/jssecacerts</Set>
<Set name="trustPassword">dunesdunes</Set>
|
3 | Change the keystore, truststore, password, keyPassword and trustPassword values to refer to your <your_keystore_filename> file and password. |
4 | Save the jetty.xml file. |
5 | Restart the Orchestrator configuration server. |
You successfully changed the SSL certificate for the Orchestrator configuration interface.