| 4) Certificates for vCenter Server, View Composer, and View servers must include certificate revocation lists (CRLs).
View will not validate a certificate without a CRL.
· Best Choice: lf needed, take these steps:
o Add a CRL to your certificate.
o Import the updated certificate into the Windows certificate store on the vCenter Server, View Composer, and View server host.
· Alternative: Change the registry settings that control CRL checking.
More information: “Configuring Certificate Revocation Checking on Server Certificates” in the View Installation guide.
Note: If your company uses proxy settings for Internet access, you might have to configure your View Connection Server computers to use them. This step ensures that the servers can access the certificate revocation checking sites on the Internet. You can use Microsoft Netshell commands to import the proxy settings to View Connection Server.
More information: “Troubleshooting View Server Certificate Revocation Checking" in the View Administration guide.
5) Windows Firewall with Advanced Security must be enabled on Security Server and View Connection Server hosts.
By default, IPsec rules govern connections between the View security server and View Connection Server and require Windows Firewall with Advanced Security to be enabled.
· Best choice: Set Windows Firewall with Advanced Security to on before you install the View servers. Make sure it’s on for any active profiles; better still, set it to on for all profiles.
· Alternative: Before you install security servers, open View Administrator and disable the Global Setting, Use IPsec for Security Server Connections, by setting it to no. (This is not recommended.)
| 