Configure vRealize/Aria Build Tools for vRealize vRA/vRO 8.x

Questions? : vRBT/ABT Slack:

Operating System for Developer Host/Workstation

  • I used Windows 11 64-bit (I created a new Windows VM to have a clean environment and to make use of snapshots if needed)
  • I created a local Windows user named User1, if you have a different user name then be aware you will need to change the local home directory paths in the following steps to reflect your username. Ex: C:\Users\{username}


setx JAVA_HOME "C:\Program Files\Java\jdk-17.0.5"
setx PATH "%PATH%;%JAVA_HOME%\bin"


setx PATH "%PATH%;C:\Users\User1\Documents\Dev\apache-maven-3.8.6\bin"
  • Close the existing Command Prompt and open a new Command Prompt (for the new Path to take effect)
  • Run mvn at the Command Prompt, this will test the path is working
mvn -v

vRBT Repository


Create Keystore for vRO package signing

  • Open a Command Prompt and run the following commands
keytool -keystore archetype.keystore -genkey -alias dunesrsa_alias -storepass 'VMware1!' -keyalg RSA 
keytool -delete -alias dunesrsa_alias -storepass 'VMware1!' -keystore archetype.keystore
keytool -genkey -keyalg RSA -keysize 2048 -alias dunesrsa_alias -keystore archetype.keystore -storepass 'VMware1!' -validity 3650 -dname "CN=Project,OU=Department,O=Company,L=City,ST=State,C=XX,emailAddress=administrator@vsphere.local"
  • In Windows Explorer, right click the newly created archetype.keystore and choose Compress to ZIP file. Name the new zip file

Configure Artifactory

Generate the Private Key and Certificate for vRO Package Signing

openssl genpkey -out private_key.pem -algorithm RSA
openssl req -new -key private_key.pem -out csr.csr
openssl req -x509 -days 999 -key private_key.pem -in csr.csr -out cert.pem
  • In File Explorer, copy the new private_key.pem and cert.pem from the Home Folder (C:\Users\User1) to desired location (I used C:\Users\User1\Documents\Dev\certs\)

Create Maven Settings.xml

  • Create the Settings.xml in the C:\Users\User1\.m2 folder
  • Replace the file paths with the ones that match your environment
  • Replace the Artifactory and vRA/vRO host names
  • Replace credentials as needed
  • You can use this file as an example (for insecure lab use only):
<?xml version="1.0" encoding="UTF-8"?>
<settings xsi:schemaLocation=""
            <!--Environment identifier. Multiple environments are allowed by configuring multiple profiles -->
                <!--vRO Connection-->
				<vro.username>vmware@System Domain</vro.username> <!--NOT RECOMMENDED USE vro.serverId and encrypted credentials-->
                <vro.password>VMware1!</vro.password> <!--NOT RECOMMENDED USE vro.serverId and encrypted credentials-->
                <vro.auth>vra</vro.auth> <!-- {basic|vra} If "basic" is selected here, ensure com.vmware.o11n.sso.basic-authentication.enabled=true System Property is set in vRO -->
                <vro.authHost></vro.authHost> <!-- Required for external vRO instances when vra auth is used -->
                <vro.authPort>443</vro.authPort> <!-- Required for external vRO instances when vra auth is used -->
                <!--vRA Connection-->
                <vra.username>vmware</vra.username> <!--NOT RECOMMENDED USE vra.serverId and encrypted credentials-->
                <vra.password>VMware1!</vra.password> <!--NOT RECOMMENDED USE vra.serverId and encrypted credentials-->

Trust Artifactory Certificate (Optional, for self-signed Artifactory certificate only)

Method 1: Use Git Bash to download the self-signed certificate

  • Open the Git Bash Terminal
  • Execute the following (change the artifactory FQDN to match your server):
echo quit | openssl s_client -showcerts -servername server -connect > artifactory-cert.pem
  • Copy the certificate from the Home folder C:\Users\User1 to C:\Users\User1\Documents\Dev\certs\

Method 2: Use Edge to download the self-signed certificate

  • Launch your Artifactory URL in the Edge Browser
  • To the left of the FQDN, click Not secure
  • Click Your connection to this site isn't secure, then click the certificate icon (looks like a diploma)
  • Select the Details tab, then the Export button. Save the certificate as Base64-encoded PEM type named artifactory-cert.pem to C:\Users\User1\Documents\Dev\certs\

Install the certificate into your workstations local keystore

  • Open a Command Prompt as Administrator
  • Navigate to the folder where you saved the Artifactory certificate
  • Run the following command:
setx /M JAVA_HOME "C:\Program Files\Java\jdk-17.0.5"
keytool -trustcacerts -keystore "%JAVA_HOME%\lib\security\cacerts" -storepass changeit -importcert -alias artifactory -file artifactory-cert.pem

Generate an Archetype (Project Template)

  • Open a Command Prompt or Powershell Terminal
  • Create a projects folder (I used C:\Users\User1\Documents\Dev\projects)
  • Navigate to the projects folder
  • Run the following command:
mvn archetype:generate
  • You will be presented with a list of available Archetypes
  • choose “com.vmware.pscoe.o11n.archetypes:package-actions-archetype (package-actions-archetype)”
  • Enter groupId. Ex: com.mycompany.test
  • Enter artifactId. Ex: myTestAction
  • Hit Enter to accept default value for package
  • Review settings and press Y if correct
  • A project template has now been created with some sample values

Test the new Project

  • Change directory to the newly created project folder (In my case: C:\Users\User1\Documents\Dev\projects\myTestAction)
  • Run a Maven command to test your environment

Deploy Package to vRO

mvn clean package vrealize:push -P corp-dev


This is just the basics to get a functional vRBT workstation configured. There is a lot more functionality in vRBT than just deploying a vRO package as demonstrated. Of course, for a production environment you would not want to use self-signed certs, clear text passwords, or disabled certification checking. Again, this is just the bare minimum needed to start learning and using vRBT in a home/lab environment.

Useful Links



, , , , ,




Leave a Reply

Your email address will not be published. Required fields are marked *