vCloud Automation Center IaaS components use certificates and SSL to secure communications between components.

In a minimal installation for proof-of-concept purposes, you can use self-signed certificates.

In a distributed environment, it is a best practice to obtain a domain certificate from a trusted certificate authority.


You must disable TLS1.2 for certificates using SHA512 on Windows 2012 machines. For more information about disabling TLS1.2, consult the Microsoft Knowledge Base article at

If you are performing a distributed installation, follow these steps to prepare the IaaS certificate.


Get a certificate from a trusted certificate authority.


To ensure that the certificate authority and that the root certificate is trusted, place the root certificate from the certificate authority into the Trusted Root using the Windows certificate plug-in.


Add the certificate to IIS.


Restart the IIS machine.


Start the IaaS installer.