Solution Certificate Support for the vCenter Single Sign-On Server
Solutions that are integrated into the vSphere environment must perform authentication with the vCenter Single Sign-On server to obtain a SAML token for use in the environment.
The vCenter Single Sign-On SDK contains a C# sample that demonstrates how to use a solution certificate to obtain a token (AcquireHoKTokenBySolutionCertificateSample). The sample uses a PFX file to obtain the certificate and private key. When you run the sample, you specify the PFX file location and the private key password on the command line:
AcquireHoKTokenBySolutionCertificateSample sso-server-url path-to-pfx-file private-key-password
- The PFX file is located in the following directory on a vCenter server:
/etc/vmware-vpx/ssl/rui.pfx
Copy the rui.pfx file from the server to the system on which you are running the sample.
- The password for the private key is located in the catalina.properties file on the vCenter server:
/usr/lib/vmware-vpx/tomcat/conf/catalina.properties
The catalina.properties file contains the following definition for the private key password:
bio-vmssl.SSL.password=testpassword
The solution certificate sample uses the X509Certificate2 constructor to load the certificate. See the sample file AcquireHoKTokenBySolutionCertificate.cs in the vCenter Single Sign-On SDK.
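A pre-flight check you can run before the sample is shown below as an added example; it is not code from the vCenter Single Sign-On SDK. It loads the copied rui.pfx with the password read from a local copy of catalina.properties, so the password does not have to be typed as a command-line argument, and confirms that the certificate carries a private key and is inside its validity period. The class name SolutionCertificateCheck, its two arguments, and the choice of the file-name-plus-password constructor overload are assumptions of this example.

```csharp
using System;
using System.IO;
using System.Security.Cryptography.X509Certificates;

// Added example, not part of the vCenter Single Sign-On SDK.
static class SolutionCertificateCheck
{
    // Property name as it appears in catalina.properties on the vCenter server.
    const string PasswordKey = "bio-vmssl.SSL.password";

    // Return the value of PasswordKey from a local copy of catalina.properties.
    static string ReadKeyPassword(string propertiesPath)
    {
        foreach (string raw in File.ReadLines(propertiesPath))
        {
            string line = raw.Trim();
            if (line.StartsWith("#") || line.StartsWith("!")) continue; // comment lines
            int eq = line.IndexOf('=');
            if (eq > 0 && line.Substring(0, eq).Trim() == PasswordKey)
                return line.Substring(eq + 1).Trim();
        }
        throw new InvalidDataException(PasswordKey + " not found in " + propertiesPath);
    }

    static int Main(string[] args)
    {
        if (args.Length != 2)
        {
            Console.Error.WriteLine("usage: SolutionCertificateCheck <rui.pfx> <catalina.properties>");
            return 2;
        }
        string password = ReadKeyPassword(args[1]);
        // Assumed overload: file name plus password. A wrong password throws CryptographicException.
        using (var cert = new X509Certificate2(args[0], password))
        {
            Console.WriteLine("Subject:    " + cert.Subject);
            Console.WriteLine("Thumbprint: " + cert.Thumbprint);
            Console.WriteLine("Valid:      " + cert.NotBefore + " to " + cert.NotAfter);
            if (!cert.HasPrivateKey)
            {
                Console.Error.WriteLine("The PFX file contains no private key.");
                return 1;
            }
            if (DateTime.Now < cert.NotBefore || DateTime.Now > cert.NotAfter)
            {
                Console.Error.WriteLine("The certificate is outside its validity period.");
                return 1;
            }
        }
        return 0;
    }
}
```

An exit code of 0 means the certificate loaded with the given password, has a private key, and is currently valid.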