3.1 KiB
3.1 KiB
Packer.Images 
This OVA appliance allows deploying an Active Directory Certificate Authority fully automated:
The included .ovf file has the following XML contents (simplified for clarity) to facilitate the different DeploymentOptions:
<Envelope [...]>
[...]
<DeploymentOptionSection>
<Info>Deployment Type</Info>
<Configuration ovf:id="standalone-root">
<Label>Root Certificate Authority</Label>
<Description>Root CA with self-signed certificate; should be kept turned off</Description>
</Configuration>
<Configuration ovf:id="enterprise-intermediate">
<Label>Subordinate enterprise Certificate Authority</Label>
<Description>Subordinate CA on domain-member server; kept online to service certificate requests/enrollment and host CRL</Description>
</Configuration>
<Configuration ovf:id="standalone-intermediate">
<Label>Subordinate standalone Certificate Authority</Label>
<Description>Subordinate CA on standalone server; kept online to service certificate requests and host CRL</Description>
</Configuration>
</DeploymentOptionSection>
<VirtualSystem ovf:id="[...]">
[...]
<ProductSection>
[...]
<Category>1) Operating System</Category>
<Property ovf:configuration="standalone-root enterprise-intermediate standalone-intermediate" ovf:key="guestinfo.hostname" [...]>
<Label>Hostname*</Label>
</Property>
[...]
<Category>3) Active Directory Certificate Services</Category>
<Property ovf:configuration="secondary" ovf:key="adcsconfig.foo" [...]>
<Label>Foo*</Label>
</Property>
[...]
</Property>
</ProductSection>
</VirtualSystem>
</Envelope>
When provisioning the appliance through the vCenter 'Deploy OVF template...' wizard, or through vApp-compatible Infrastructure as code tooling (e.g. HashiCorp Terraform), it is possible to provide all relevant configuration through vApp properties.
| vSphere 'Deploy OVF template...' wizard | HashiCorp Terraform vSphere provider |
  |
|
On first boot, the appliance will start configuring itself without any further user-input, by performing the following steps:
- WIP