VMware VCENTER APPLICATION DISCOVERY MANAGER 6.1.1 - RESPOSITORY Manuel d'utilisateur télécharger pdf (Page 30)

Application Discovery Manager Administration Guide

30 VMware, Inc.

6Placeyourcursorattheendofthelineandappendthelinebytyping:

single

7PressEntertocommitthechange.

8Pressbtostartthesystem.

Yoursystemstartswithoutrequiringapassword.

9Typethefollowingcommandtoresetthepassword:

passwd

10 Followthepromptsastheyappearonthescreentosetthepassword.

11 Typethefollowingcommandtorestartthesystem:

reboot

Yourpasswordischangedandrestartsthesystem.

OpenSSL Self-Signed Test Certificates

TheVMwarevCenterApplicationDiscoveryManagerdefaultinstalledcertificateiscreatedduringthe

installationandisvalidforoneyeartousetheapplianceuntilyouacquirealocalCertificateAuthority(CA).

Public‐facingsecureWebsitesmustuseathird‐partyCA.Ifyouwanttousetheapplianceintestenvironment

andthendeploythatappliancetoaproductionenvironment,youmustnotchangethehostnameastheADM

doesnotsupportchangingthehostname.Instead,youcansetupanaliasintheDNStoresolvetheappliance

hostname.

CA Signed Test Certificates

TocreateCAsignedcertificates,youmustgenerateacertificaterequestfile(csr).Thecertificaterequestfile

providesdetailsabouttherequesterofthecertificateandthecertificateissignedbytheprivatekeyaboveto

yourtrustedcertificateauthority.

Createthecertificaterequestbytyping:

openssl req -new -key server.key -out server.csr

FillintheX.509attributesasspecifiedpreviously.FormoredetailsconsultyourCA.

ToinstallthecertificateprovidedbyyourCA,performthestepsdescribedin“Copyingthe.keyand.crtFiles”

onpage 31.

FreeCAproviders,ashttp://www.cacert.orgexist.

Self-Signed Certificates

Useself‐signedcertificatesonlyinthetestenvironments,orwhereonlyalimitednumberofconnectionsis

established.Forexample,peer‐to‐peerrelationshipscanbeacustomVPNorAS2linkbetweentwocompanies,

orbetweentwodifferentsitesofthesamecompany.Self‐signedcertificatesbecomeimpracticalas

thenumber

ofcertificatesnecessarytomanagegrowslinearlywiththenumberofpeeringrelationships.AlocalCA,while

morecomplextosetup,reducesthenumberofkeysrequiredtobedistributedforverification,andreplicates

areal‐worldcertificateenvironment.ACAcancostlesstomanagethanhundreds

orthousandsofindividual

certificatesoneachpeersystem.

Certificatecreationrequirestheopensslutility.TheopensslutilityislocatedintheADMappliancefolder.

/usr/bin/openssl

NOTEYoucanalsoresettheADMrootpasswordbyrunningsystem_setupcommand.

NOTEDonotusetheself‐signedcertificatesinproductionenvironments.

1 2 ... 25 26 27 28 29 30 31 32 33 34 35 ... 63 64

Commentaires sur ces manuels

Pas de commentaire

VMware VCENTER APPLICATION DISCOVERY MANAGER 6.1.1 - RESPOSITORY Manuel d'utilisateur Page 30

Commentaires sur ces manuels

Produits connexes et manuels pour Logiciel de base de données VMware VCENTER APPLICATION DISCOVERY MANAGER 6.1.1 - RESPOSITORY