Book Image

Getting Started with XenDesktop 7.x

By : Craig Thomas Ellrod
Book Image

Getting Started with XenDesktop 7.x

By: Craig Thomas Ellrod

Overview of this book

Table of Contents (27 chapters)
Getting Started with XenDesktop 7.x
Credits
Notice
About the Author
About the Reviewers
www.PacktPub.com
Preface
Creating a Domain Certificate Authority
Index

Securing the XenDesktop® to XenServer® communications


When XenDesktop is installed on XenServer, you need to secure the communications between these two. You will need to replace the default SSL certificate on XenServer.

To replace the default certificate on XenServer, perform the following steps:

  1. Log in to XenServer and get to a command prompt.

  2. Modify /etc/pki/tls/openssl.cnf as follows:

    • Uncomment the following line:

      req_extensions = v3_req
    • Modify the request section as follows:

      [v3_req]
      basicConstraints = CA:FALSE
      keyUsage = keyEncipherment
      extendedKeyUsage = serverAuth
  3. Generate a certificate request as follows:

    openssl genrsa –out [servername].private 2048
    openssl req –new –outform PEM –out [servername].request –keyform PEM –key [servername].private –days 1800

    Here, [servername] is the XenServer hostname.

  4. Submit the request [servername].request to a CA and retrieve the CA-signed certificate.

  5. Move the existing certificate as follows:

    mv /etc/xensource/xapi-ssl.pem /etc/xensource/xapi-ssl.pem_orig
  6. Add...