VMware {code} Community
anandhariharan
Contributor
Contributor

Connecting to more than 1 VC using the same java client

Hi VI SDK gurus :

Im writing a java application that needs to connect to more than 1 VC to collect some information.

\- I have set up the keystore file and imported the certificates for both VCs into it, but i am unable to get it to connect to both VCs.

\- Only the first VC connection goes through, but when run seperately with different keystore files, connections to both VCs work.

Is there a limitation to be able to connect to 1 VC only ? Any workarounds to allow the same process to connect to 2 or more VCs ?

Any help is much appreciated.

thanks,

_anand

Reply
0 Kudos
4 Replies
tos2k
Expert
Expert

Hi!

We are using .NET and I have been \_thinking_ about this kind of scenario a few times. I dont know what the "keystore files" are used to, but I expect to be able to extend our current implementation to support multiple VC instances, maybe within a few days.

Having multiple VC instances gets you in trouble, especially when dealing with files on the (physical) storage level, but this may apply four your application Smiley Wink

My core idea here is: When having the data access layer completely encapsulated (as it is), it will be no problem to make a list of this access layer, instead of using just the only current instance.

HTH, tos2k

Reply
0 Kudos
anandhariharan
Contributor
Contributor

Hi :

Thanks for your comment. A keystore file by definition can hold multiple certificates using different aliases. The issue with JSSE (SSL implementation) is that the trustStore specified is a single keystore file. As long as there is 1 certificate in the keystore, things work fine.

When i add more than 1 certificate in the keystore, i am unable to connect to more than one VC. I beleive the API uses a single key alias, so i want to confirm this.

The deployment requirements of my application will change significantly based on the answer to this question.

Any VMware employees that can answer my question ???

thanks,

_anand

Reply
0 Kudos
admin
Immortal
Immortal

A keystore file can hold multiple certificates. And connecting to different VC's using the same keystore file is definitely possible, as long as the keystore file holds the certificates to all of these VC Servers. While trying to connect, credentials of the VC intended to be connected to need to be provided.

As far as trying to use the same process to connect to multiple VC's is concerned, I don't think it is possible.

Reply
0 Kudos
anandhariharan
Contributor
Contributor

Hi :

Thanks for your comment.

If a single keystore file can be used to connect to multiple VCs, why do you say that its not possible to connect to multiple VCs from the same process ?

After all, the only additional configuration required is the "javax.net.ssl.trustStore" system variable, which will be the same for all all vcs concerned.

Is there anything i can do to enable this ? Like maybe provide a certificate alias to use to connect ?

Much appreciate your answer on this one, since it will decide how my application is deployed.

thanks,

_anand

Reply
0 Kudos