You create a CA certificate for the Mirage Gateway server using OpenSSL.

About this task

Linux is case sensitive.

Prerequisites

  • Create the server.conf file.

Procedure

  1. Access the OpenSSL command prompt.
  2. Create a root CA certificate. 
    openssl req -newkey rsa:4096 -sha512 -days 9999 -x509 -nodes -out root.cer
  3. Create additional internal data used in the server.conf file. 
    touch certindex
echo 000a > certserial
echo 000a > crlnumber
  4. Generate a CA certificate request for the Mirage Gateway server and the Mirage server. 
    openssl req -newkey rsa:4096 -sha512 -nodes -out server.csr -keyout server.key -subj "/C=CN/ST=bj/L=bj/O=VMware/OU=EUC/CN=10.117.162.236"

    The value for the CN variable must be the same as the FQDN or the IP address of the Mirage server specified during the Mirage server installation.

  5. Create a certificate for the Mirage Image Service Gateway server and the Mirage Image Service server. 
    openssl ca -batch -config server.conf -notext -in server.csr -out server.cer
  6. Convert the certificate for the Mirage Gateway server to .pem format. 
    cat server.key server.cer >GW.pem
  7. Convert the certificate for the Mirage server to .pfx format. 
    openssl pkcs12 -export -inkey server.key -in server.cer -out Server.pfx

Results

Import the certificate by using the Web console.