User Guide

Intel® VTune™ Profiler User Guide

ID 766319
Date 7/13/2023
Public

A newer version of this document is available. Customers should click here to go to the newest version.

Document Table of Contents

Set Up Transport Security

VTune Profiler Server web site is accessible via encrypted HTTPS connection. HTTPS requires a Transport Layer Security (TLS) certificate. Depending on your deployment mode, you can use different types of TLS certificates.

Self-Signed TLS Certificate

The self-signed certificate is automatically generated when the VTune Profiler Server is started. No additional actions are required from the user who starts the server, but the web browser will provide a warning that the server certificate is not trusted and will ask for a confirmation to proceed.

Signed TLS Certificate

You are recommended to use properly signed TLS certificates so that web browsers automatically validate authenticity of the VTune Profiler Server. Such certificate should be provisioned by your company IT department.

To set up the transport security, the Admin should follow these steps:

  1. Provide the signed TLS certificate to users of the VTune Profiler Server.

    Make sure to include the VTune Profiler Server DNS name to either Common Name or Alternative Domain Names.

    For example, if the URL to access the VTune Profiler Server is https://vtune.lab01.myorg.com, the TLS certificate Common Name should be vtune.lab01.myorg.com, or vtune.lab01.myorg.com should be included into Alternative Domain Names.

  2. Start the VTune Profiler Server as follows:

    vtune-backend --tls-certificate /path/to/vtune.lab01.myorg.com.pfx --tls-certificate-password-path /path/to/cert_password.txt

    You can also enter the certificate password interactively by using the --tls-certificate-password option instead of --tls-certificate-password-path. In this case, the VTune Profiler Server will prompt to enter the password:

    vtune-backend --tls-certificate /path/to/vtune.lab01.myorg.com.pfx --tls-certificate-password
    
    Certificate password:

    If the certificate private key is stored in a separate file, use the --tls-certificate-key option:

    vtune-backend --tls-certificate /path/to/vtune.lab01.myorg.com.crt --tls-certificate-key /path/to/vtune.lab01.myorg.com.key