SSL in VMware Horizon View 7

Common Issues

If the Windows Server host on which View Connection Server is installed does not trust the root certificate for the signed SSL server certificate, you must import the root certificate into the Windows local computer certificate store. In addition, if the View Connection Server host does not trust the root certificates of the SSL server certificates configured for security server, View Composer, and vCenter Server hosts, you also must import those root certificates.

How to install it

1. In the MMC console on the Windows Server host, expand the Certificates (Local Computer) node and go to the Trusted Root Certification Authorities > Certificates folder.
        -If your root certificate is in this folder, and there are no intermediate certificates in your certificate chain, skip to step 7.
        -If your root certificate is not in this folder, proceed to step 2.
2. Right-click the Trusted Root Certification Authorities > Certificates folder and click All Tasks > Import.
3. In the Certificate Import wizard, click Next and browse to the location where the root CA certificate is stored.
4. Select the root CA certificate file and click Open.
5. Click Next, click Next, and click Finish.
6. Import all intermediate certificates in the certificate chain into the Windows local computer certificate store.
        Go to the Certificates (Local Computer) > Intermediate Certification Authorities > Certificates folder.
        Repeat steps 3 through 6 for each intermediate certificate that must be imported.
7. Restart the View Connection Server service, Security Server service, View Composer service, or vCenter Server service to make your changes take effect.

Important notes

The SSL certificate bundle should be downloaded from this URL.

The files should be concantenated in the following order:

        www_example_com.crt - this is your SSL certificate
        SectigoRSADomainValidationSecureServerCA.crt
        USERTrustRSAAddTrustCA.crt
        AddTrustExternalCARoot.crt

Example command on Windows:

type www_example_com.crt SectigoRSADomainValidationSecureServerCA.crt USERTrustRSAAddTrustCA.crt AddTrustExternalCARoot > your-domain.com.ca-bundle

Example command on Linux:

cat www_example_com.crt SectigoRSADomainValidationSecureServerCA.crt USERTrustRSAAddTrustCA.crt AddTrustExternalCARoot > your-domain.com.ca-bundle

The files SectigoRSADomainValidationSecureServerCA.crt, USERTrustRSAAddTrustCA.crt, AddTrustExternalCARoot.crt must be in the archive sent to you by Sectigo at the verification mail.


Last modified: 2020-03-12
Cookies help us deliver our services. By using our services, you agree to our use of cookies. Learn more