Deploying the Orchestrator Appliance requires that you create a certificate. You can create a self-signed certificate to guarantee encrypted communication and a signature for your packages. However, the recipient cannot be sure that the self-signed package that you are sending is in fact a package issued by your server and not a third party claiming to be you.


  1. Log in to the Orchestrator configuration interface as vmware.
  2. Click Server Certificate.
  3. Click Create certificate database and self-signed server certificate.
  4. Type the relevant information.
  5. From the drop-down menu, select a country.
  6. Click Create.


Orchestrator generates a server certificate that is unique to your environment. The details about the certificate's public key appear in the Server Certificate window. The certificate's private key is stored in the vmo_keystore table of the Orchestrator database.

What to do next

For disaster recovery purposes, you can save the certificate private key to a local file.