Create and Add a Microsoft Certificate Authority Template
You must set up a certificate template in the Microsoft Certificate Authority. The
template contains the certificate authority attributes for signing certificates for the VMware
Cloud Foundation components. After you create the template, you add it to the certificate
templates of the Microsoft Certificate Authority.
- Log in to the Active Directory server by using a Remote Desktop Protocol (RDP) client.FQDNActive Directory HostUserActive Directory administratorPasswordad_admin_password
- Click , entercerttmpl.msc, and clickOK.
- In theCertificate Template Consolewindow, underTemplate Display Name, right-clickWeb Serverand selectDuplicate Template.
- In theProperties of New Templatedialog box, click theCompatibilitytab and configure the following values.SettingValueCertification AuthorityWindows Server 2008 R2Certificate recipientWindows 7 / Server 2008 R2
- In theProperties of New Templatedialog box, click theGeneraltab and enter a name for example,VMwarein theTemplate display nametext box.
- In theProperties of New Templatedialog box, click theExtensionstab and configure the following.
- ClickApplication Policiesand clickEdit.
- ClickServer Authentication, clickRemove, and clickOK.
- ClickBasic Constraintsand clickEdit.
- Click theEnable this extensioncheck box and clickOK.
- ClickKey Usageand clickEdit.
- Click theSignature is proof of origin (nonrepudiation)check box, leave the defaults for all other options and clickOK.
- In theProperties of New Templatedialog box, click theSubject Nametab, ensure that theSupply in the requestoption is selected, and clickOKto save the template.
- Add the new template to the certificate templates of the Microsoft CA.
- Click , entercertsrv.msc, and clickOK
- In theCertification Authoritywindow, expand the left pane, right-clickCertificate Templates, and select .
- In theEnable Certificate Templatesdialog box, selectVMware, and clickOK.