Configuring VM Manager Tool to accept trusted VM manager certificates

By default, the VM Manager Tool accepts all VM manager certificates regardless of whether they are trusted or not. You can change the default behavior to ensure that only trusted certificates are accepted by the VM Manager Tool.

1. Extract the VM manager certificate to a file. For instructions, see product documentation of your VM manager.
2. Log in to the computer where the VM Manager Tool is installed and copy the VM manager certificate to that computer.
3. To define the certificate as trusted, open the command-line interface and run the following command.
   • vmman.sh -addcertificate -alias unique_alias -file vm_manager_certificate
   • vmman.bat -addcertificate -alias unique_alias -file vm_manager_certificate

   Where:

   -alias

   Unique alias that will be associated with the VM manager certificate.

   -file

   Path to the VM manager certificate that you extracted.

   Important: Both switches are required.
4. Change the VM Manager Tool settings to accept only trusted certificates.
   • If you are using the local or central VM Manager Tool, log in to License Metric Tool, and go to Management > Advanced Server Settings. Then, set the value of the vmmman_trust_all_vm_managers_certificates parameter to false.
   • If you are using the distributed or disconnected VM Manager Tool, open the vmmmainconf.properties file on the computer where the VM Manager Tool is installed. By default, the file is in the following location.
     • For distributed VM Manager Tool
       • /var/opt/BESClient/LMT/VMMAN/config
       • C:\Program Files (x86)\BigFix Enterprise\BES Client\LMT\VMMAN\config
     • For disconnected VM Manager Tool
       • VM Manager Tool install dir/config
       • VM Manager Tool install dir\config
     Then, change the value of the vmm_trust_all_vm_managers_certificates parameter to false.