The Soul of a Virtual Machine

Things to know about running a virtual machine under Virtual Server

Blogs

SSL and Virtual Server

  • Comments 2277
  • Likes

Q: Rod has this question: "I recently made the switch over to Virtual Server 2005 from VMware.  I love the web based interface but am having troubles with enabling SSL. Can I use SelfSSL from the IIS6 Reskit?  Could I set up a CA in a virtual machine to create the website and VMRC SSL certificates? Any tips on securing the Admin website and VMRC?

A: Here's a response from Ed Reed, a developer on the Virtual Machine team, and our resident VM security expert:

For the Administration Website, there are no special requirements for an SSL certificate. As long as the certificate supports Server Authentication, it really doesn't matter where the certificate comes from. The choice of certificate, however, determines the level of security that SSL encryption can provide. Here are some links to relevant information:

The requirements are different, however, for VMRC. Because Virtual Server runs as NetworkService, you need to create the VMRC SSL certificate using the IVMVirtualServer::VMRCCreateEncryptionCertificateRequest COM interface. You can also create this certificate from the Administration Website on the Virtual Machine Remote Control (VMRC) Server Properties page. This request makes a temporary certificate that can be used to perform SSL encryption, however, it doesn't have the full security of a certificate signed by a third-party CA. If you use MAKECERT or some other tool, the private key is stored such that it is inaccessible to NetworkService. Such a certificate will not work for VMRC.

Comments
  • I figured out a way to get the VMRC to use an existing SSL Cert that you may already have paid for a CA to sign...

    Run mmc.exe
    Add a Snapin (Certificates) for the Local computer
    Add a second Snapin (Certificates for a Service - Select the 'Virtual Server' service)

    Under 'Certificates (Local Computer)' under 'Personal' 'Certificates'

    Select the certificate - and export it WITHOUT the private key to C:\cert.cer
    Export it a second time WITH the private key, set a password, do not export the chain. Save as c:\cert.pfx

    Under 'Certificates - Service (Virtual Server)'
    Under 'Virtual Server\Certificate Enrollment Requests\Certificates'
    Right-click and import the .pfx file (you'll need to provide the password).

    Now - from the Web UI for Virtual Server, Server Properties
    Select the VMRC Server
    Check 'Enable' for SSL Encryption
    Select 'Upload', browse to and upload the c:\cert.cer file.

    Done... The VMRC server is now using the certificate..


    I hope this hels someone else who want's to benefit from Trusted SSL encryption with VMRC using a certificate they already have paid for...

  • Very right but such a certificate will not work for VMRC.

  • This is gonsalez music site - <a href="http://www.gonsalez.info/121107.html">best music site in da world</a>.

  • I suspect that's thereason general public want to read blog....Internet visitors generally create blogs to declare themselves or their secret views. Blog grant them same matter on the monitor screen what they specifically needed,so as the above stuffs declared it.

  • I just use my <a href="http://www.keshko.com/malecumsh.html">male cumshot pics</a>, <a href="http://www.keshko.com/freehairycuntsit.html">free hairy cunt sites</a> tools its quick and easy. You mean a review forum like where people can leave comments about certain <a href="http://www.keshko.com/vagintern.html">vaginal internal cumshots</a> and stuff? I like that idea. It would also provide some new positions on the staff.

  • I need help trying to figure out if I&#039;m straight, <a href="http://www.blackpeal.info/snice.html">'s nice ass</a>. I am very interested in guys a lot, and with girls I do get turned on by them when they&#039;re looking good. Before when I was younger (I&#039;m 16 now) I remember I made out with about 2 girls <a href="http://www.blackpeal.info/fatass.html">fat ass black women</a>, and a few years ago I had have oral sex with about 2 other girls.

  • Have you heard of the Encylopedia of <a href="http://www.longcock.info/hothot.html">hot hot ass</a>? If not, get out from under the rock, dude. Seriously. The hype machine has been going at full steam -<a href="http://www.longcock.info/gapasshole.html">gaping asshole</a>. This is supposed to be a database of all known species of organisms...

  • Adult branch nurses can take further training to become midwives, health visitors or school nurses  <a href="http://www.gurnik.info/complshav.html">completly shaved teens</a>. They may take an month conversion course to train for another branch of nursing - child, learning disability or mental health <ahref="http://www.gurnik.info/hairyteeninterr.html">hairy teen interracial sex</a>.

  • You can do good and feel good while snapping up those bargains—the store will donate a portion of its sales that day to the and the. <ahref="http://www.hyprotakt.info/hotblondehardc.html">Hot Blonde Hardcore Galleries</a>As always, get there early for the best selection. Last year there were bargain hunters in line before<a href="http://www.hyprotakt.info/teentitans.html">teen titans starfire hentai</a> the doors opened.

  • This article is my attack on the<a href="http://www.tymbaksat.info/latblow.html">latin blow jobs</a> dangerously simplistic way that some test tool companies peddle their wares. They lead their clients down a red carpet to waste and frustration by <a href="http://www.tymbaksat.info/hairychesthunks.html">hairy chest hunks</a>making reckless claims about the wonders of test automation, while downplaying all the problems associated with it. <a href="http://www.tymbaksat.info/girlsgiv.html">girls giving blow jobs</a>They give test atuomation a bad name.

  • The is a powerful geologic agent — powerful enough to have carved the <ahref="http://www.kylopina.info/bbwsucks.html">bbw sucks balls</a>. This program focuses on how such carving takes place over time, looking at erosion and deposition processes as they relate to river characteristics and type of rock<a href="http://www.kylopina.info/shavcrack.html">shaved crack porn</a>. The evolution of rivers is covered, along with efforts to prevent harmful consequences to humans.

  • Scenes of before the earthquake introduce this program addressing how humans are learning to cope with earthquakes<a href="http://www.plomyan.info/bbwinblack.html">bbw in black boots</a>. Various groups and agencies are studying the and the damage caused along its path to better understand how earthquakes ravage the land <ahref="http://www.plomyan.info/largebreastsgall.html">large breasts galleries</a>. Methods of studying earthquakes are reviewed.

  • 5xg0906a3hx8v <a href = http://www.201549.com/802264.html > 7phd1wqg </a> [URL=http://www.509840.com/312007.html] kjcizjctklgnl8 [/URL] rw57lznijockl1

  • - [URL= ]  [/URL]  - [URL= ]  [/URL]  - [URL= ]  [/URL]  - [URL= ]  [/URL]  - [URL= ]  [/URL]  - [URL= ]  [/URL]  - [URL= ]  [/URL]  - [URL= ]  [/URL]  - [URL= ]  [/URL]  - [URL= ]  [/URL]

  • - [URL= ]  [/URL]  - [URL= ]  [/URL]  - [URL= ]  [/URL]  - [URL= ]  [/URL]  - [URL= ]  [/URL]  - [URL= ]  [/URL]  - [URL= ]  [/URL]  - [URL= ]  [/URL]  - [URL= ]  [/URL]  - [URL= ]  [/URL]

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment