To configure a View Transfer Server instance to use an SSL server certificate, you must copy your certificate and private key files to the View Transfer Server host. You can use an SSL server certificate that is signed by a CA, or you can generate a self-signed certificate.

The Apache server on the View Transfer Server instance requires Base64 encoded DER (PEM) certificates. Certificate files and key files must have the extensions .crt and .key respectively.

When you install View Transfer Server, the installer generates the default certificate file, server.crt, and private key file, server.key. In the following procedure, make sure that you replace these files in the View Transfer Server certificate directory or configure the Apache configuration file to specify the names of your own certificate and private key files.

If your SSL server certificate is signed by an intermediate CA, you must add the intermediate certificate to the View Transfer Server certificate directory and configure the Apache configuration file to specify the name of the intermediate certificate.

Add openssl to the system Path variable on your host. See Add openssl to the System Path.

If you obtained a server certificate from a CA, or your organization provided a server certificate, verify that your certificate is in PEM format.

If your certificate files and key files are in a PKCS#12 keystore file, see Prepare an Existing Certificate in PKCS#12 Format for Use with View Transfer Server.

If you use an intermediate CA, obtain an intermediate certificate in PEM format.

1

Stop the View Transfer Server service.

2

Copy the server certificate, intermediate certificate (if any), and private key files to the directory install_directory\VMware\VMware View\Server\httpd\conf on the View Transfer Server host.

3

If you have not already taken this step, remove the pass phrase from the private key.

This step prevents Apache from prompting you for your pass phrase each time it is restarted.

For example: openssl rsa -in server-with-pass.key -passin password -out server.key

4

Edit the entries for SSLCertificateFile and SSLCertificateKeyFile in the Apache configuration file mod_vprov.conf to specify the names of the server certificate and private key files.

For example:

SSLCertificateFile server.crt
SSLCertificateKeyFile server.key
5

If you copied an intermediate certificate file to the View Transfer Server host, add an entry for the SSLCertificateChainFile directive to mod_vprov.conf.

For example:

SSLCertificateChainFile intermediateCA.crt
6

Restart the View Transfer Server service to make your changes take effect.

7

Verify that the certificate is configured correctly by using your Web browser to navigate to the View Transfer Server host address. For example: https://transfer_server_host_address.

In View Administrator, configure settings to use SSL for local mode provisioning and other local mode operations. See Configure SSL for View Transfer Server Communications.

If your SSL certificates are signed by a CA that is not well known, install the root certificate (if not already present) and intermediate certificate in Active Directory. See Add SSL Certificates in Active Directory.