To provide recipients with an acceptable level of trust that the package was created by your server, certificates are typically signed by a certificate authority (CA). Certificate authorities guarantee that you are who you claim to be, and as a token of their verification, they sign your certificate with their own.
- Log in to the Orchestrator configuration interface as vmware.
- Click Server Certificate.
- Generate a Certificate Signing Request (CSR).
- Click Export certificate signing request.
- Save the VSOcertificate.csr file in your file system when prompted.
- Send the CSR file to a Certificate Authority, such as VeriSign or Thawte.
Procedures might vary from one CA to another, but they all require a valid proof of your identity.
The CA returns a certificate that you must import.
- Click Import certificate signing request signed by CA and select the file sent by your CA.
Orchestrator uses the server certificate to perform the following tasks:
Signs all packages before they are exported by attaching your certificate’s public key to each one.
Displays a user prompt after users import a package that contains elements signed by untrusted certificates.
What to do next
You can import this certificate on other servers.