Specifications
www.vmware.com
122
VMware GSX Server Administration Guide
Using Your Own Security Certificates
If you prefer, you can use your own security certificate when you enable SSL.
On a Windows host, run the Microsoft Management Console (mmc.exe) and select
your certificate. When you upgrade the VMware Management Interface on a GSX
Server for Windows host, you need to reassign your certificate to the management
interface.
On a Linux host, the VMware Management Interface certificate must be placed in
/etc/vmware-mui/ssl. The management interface certificate consists of two
files: the certificate itself (mui.crt) and the private key file (mui.key). The private
key file should be readable only by the root user.
When you upgrade the VMware Management Interface on a Linux host, the certificate
remains in place and, in case you removed the management interface, the directory is
not removed from your host.
Enabling and Disabling SSL for Remote Sessions
You enable and disable SSL for VMware Virtual Machine Console connections in the
console or the management interface. You enable SSL for VMware Management
Interface connections in the management interface. By default, SSL is enabled for all
remote connections.
Remember that the certificates used in these secure sessions are not signed by a
trusted certificate authority; therefore they do not provide authentication. If you
intend to use encrypted remote connections externally, you should consider
purchasing a certificate from a trusted certificate authority.
To change SSL settings for console and management interface connections from the
VMware Management Interface, see Securing Remote Connections with SSL on
page 149.
To change the SSL setting for console connections from the VMware Virtual Machine
Console, see Enabling SSL for VMware Virtual Machine Console Connections on
page 163.