You can configure the Orchestrator configuration server to use a different SSL certificate, for example if your company security policy requires you to use their SSL certificates.
Prerequisites
Make sure that you have generated or installed an SSL certificate signed by a CA.
Procedure
1 | Log in to the appliance Linux console as root and navigate to the jetty.xml file.
The default location is:
/opt/vmo/configuration/jetty/etc/jetty.xml.
|
2 | In the jetty.xml file, find the following entry: <Call name="addConnector">
<Arg>
<New class="org.mortbay.jetty.security.SslSocketConnector">
<Set name="Port">8283</Set>
<Set name="maxIdleTime">30000</Set>
<Set name="handshakeTimeout">2000</Set>
<Set name="keystore"><SystemProperty name="jetty.home" default="." />/etc/jssecacerts</Set>
<Set name="password">dunesdunes</Set>
<Set name="keyPassword">dunesdunes</Set>
<Set name="truststore"><SystemProperty name="jetty.home" default="." />/etc/jssecacerts</Set>
<Set name="trustPassword">dunesdunes</Set>
|
3 | Change the keystore, truststore, password, keyPassword and trustPassword values to refer to your <your_keystore_filename> file and password. |
4 | Save the jetty.xml file. |
5 | Restore the default vco user credentials by running the following command: chown vco.vco /opt/vmo/configuration/jetty/etc/jetty.xml
chmod 600 /opt/vmo/configuration/jetty/etc/jetty.xml
Important
The vco user must be the owner of the jetty.xml file. Otherwise you cannot start the Orchestrator configuration service.
|
6 | Restart the Orchestrator configuration server. |
You successfully changed the SSL certificate for the Orchestrator configuration interface.