The retrieveVMwareCertificate.py script can complete all
of the steps that are needed to configure VMware Infrastructure 3 platforms and WebSphere® Virtual
Enterprise. However, you can also
complete these steps manually by creating the signer certificate and
required custom properties in the administrative console.
Before you begin
- Configure the VMware Infrastructure 3 platforms environment
on your physical servers. Your VMware Infrastructure 3 platforms environment must
meet the following requirements:
- Your VMware Infrastructure 3 platforms environment
must be on servers that are running Solaris Operating Environment
on Intel® hardware, Windows®, or Linux® x86
operating systems.
- You must use VMware products
that support VMware Infrastructure 3 platforms.
The supported versions are:
- VMware VirtualCenter
Version 2.5
- VMware ESX Version
3.5
- VMware vSphere Version
4.0, which includes VMware ESXi
and VMware vCenter Server
The documentation generically refers to these servers with the
following terminology:
- ESX server:
Refers to VMware ESX Version
3.5 or a VMware ESXi server in VMware vSphere Version 4.0.
- vCenter server:
Refers to VMware VirtualCenter
Version 2.5 or a VMware vCenter
server in VMware vSphere
Version 4.0.
- Install and configure WebSphere Virtual
Enterprise on
each virtual machine.
Procedure
- If you are configuring WebSphere Virtual
Enterprise to communicate with
avCenter server:
- Retrieve a signer from the vCenter server
and store the signers in the CellDefaultTrustStore key store.
To retrieve the signer, you can either use the administrative
console or run the retrieveVMwareCertificate.py script.
To retrieve the signer certificate by running the script:
./wsadmin.sh -lang jython -f retrieveVMwareCertificate.py
-host:<vmware_virtual_center_host_name> -port:<vmware_virtual_center_ssl_port_number>
Where <vmware_virtual_center_host_name> is
the host name of the vCenter and <vmware_virtual_center_ssl_port_number> is
the secure SSL port of the vCenter.
To
retrieve the signer certificate using the administrative console:
- Navigate to the signer certificates administrative console panel.
In the administrative console, click .
- Enter the host and port information for the vCenter server
and an alias or name for the certificate. The alias should follow
the syntax: <vmware_virtual_center_short_host>-vmware.
For example, if the hostname of the vCenter server
is myvmwarevc.foo.net, the alias name would
be myvmwarevc-vmware. For Hypertext Transfer
Protocol Secure (HTTPS), the default port value is 443.
- Click Retrieve signer information.
- Click Apply. This action indicates that
you accept the credentials of the signer.
The signer certificate that is retrieved from the vCenter server
is stored in the CellDefaultTrustStore keystore.
- Configure custom properties for the vCenter server
so that WebSphere Virtual
Enterprise can use
Web services to communicate with the VMware Infrastructure SDK (VI SDK). In
the administrative console, click . Create the following cell-wide custom properties:
- vmware.service.unique_id.url
- vmware.service.unique_id.userid
- vmware.service.unique_id.password
The unique_id value is a unique identifier
that represents the vCenter. For example,
if the host name of the vCenter server
is myvmwarevc.foo.net and the port is 443,
the unique_id value would be myvmwarevc_foo_net_443.
Following the same example, the names of the custom properties would
be: vmware.service.myvmwarevc_foo_net_443.url
vmware.service.myvmwarevc_foo_net_443.userid
vmware.service.myvmwarevc_foo_net_443.password
- If you are configuring WebSphere Virtual
Enterprise to communicate with ESX servers:
- Retrieve a signer from the ESX server and store
the signers in the CellDefaultTrustStore key store. To
retrieve the signer, you can either use the administrative console
or run the retrieveVMwareCertificate.py script.
To retrieve the signer certificate by running the script:
./wsadmin.sh -lang jython -f retrieveVMwareCertificate.py
-host:<vmware_esx_server_host_name> -port:<vmware_esx_server_ssl_port_number>
Where <vmware_esx_server_host_name> is
the host name of the ESX server
and <vmware_esx_server_ssl_port_number> is the
secure SSL port of the ESX server.
To
retrieve the signer certificate using the administrative console:
- Navigate to the signer certificates administrative console panel.
In the administrative console, click .
- Enter the host and port information for the ESX server and an alias
name for the certificate. The alias should follow the syntax: <vmware_esx_server_short_host>-vmware.
For example, if the hostname of the ESX server is myvmwareesx.foo.net,
the alias name would be myvmwareesx-vmware.
For Hypertext Transfer Protocol Secure (HTTPS), the default port
value is 443.
- Click Retrieve signer information.
- Click Apply. This action indicates that
you accept the credentials of the signer.
The signer certificate that is retrieved from the ESX server is stored
in the CellDefaultTrustStore keystore.
- Configure custom properties for the ESX servers so that WebSphere Virtual
Enterprise can use Web services
to communicate with the VMware Infrastructure SDK (VI SDK).
In the administrative console, click . Create the following cell-wide custom properties:
- vmware.service.unique_id.url
- vmware.service.unique_id.userid
- vmware.service.unique_id.password
The unique_id value is a unique identifier
that represents the ESX server.
For example, if the host name of the ESX server is myvmwareesx.foo.net and
the port is 443, the unique_id value
would be myvmwareesx_foo_net_443. Following
the same example, the names of the custom properties would be:
vmware.service.myvmwareesx_foo_net_443.url
vmware.service.myvmwareesx_foo_net_443.userid
vmware.service.myvmwareesx_foo_net_443.password
Repeat these steps for each ESX server in your configuration.