The server certificate private key is stored in the vmo_keystore table of the Orchestrator database. In case you lose or delete this key, or if you bind the Orchestrator server to a different database, the contents of the exported packages signed with this certificate become unavailable. To ensure that packages are decrypted on import, you must save this key to a local file.

You must have created or imported a server certificate.


Log in to the Orchestrator configuration interface as vmware.


Click Server Certificate.


Click Export certificate database.


Type a password to encrypt the content of the exported keystore database.

You must enter this password again when importing the file.


Click Export.


Save the vmo-server.vmokeystore file when prompted.