On a View Security Server I needed to change the default self signed certificate to a signed wildcard certificate. The customer had a wildcard certificate that didn’t include the private key. A certificate that include the private key is a requirement for a VMware View Security server.
If you have the certificate (*.cer or *.crt) and private key (*.key), convert it to a PCKS#12 (PFX) format before you import the certificate. To create a certificate that include the private key I used the following steps:
- Download and install OpenSSL and Visual C++ 2008 Redistributables. Link
- The install directory of OpenSSL is: C:\OpenSSL-Win64\
- Place the certificate (*.cer or *.crt) and private key (*.key) file in the C:\OpenSSL-Win64\bin directory directory
- Open a command prompt and set the environment variable: Set OPENSSL_CONF=c:\OpenSLL-Win64\bin\openssl.cfg
- Create another environment variable: Set RANDFILE = .rnd
- Generate a PCKS#12 (PFX) keystore file from the private key and certificate file. Syntax example: OpenSSL.exe pkcs12 –export -out newcertificatename.pfx –inkey privatekey.key –in certificate.crt
- Enter the password for the certificate
The next step is to Import the certificate on the security server:
- Open the MMC on the Security Server and add the Certifcates snap-in
- In the Windows local computer store import the generated P12 certificate
- Type the password for the private key
- Make sure the certificate is exportable
- Change the friendly name to “vdm” and make sure that the friendly name of the self signed certificate is changed to something else
- Restart the View Connection Security service
The new wildcard certificate has a private key and is trusted in the VMware View client and on the View Administrator page.
More information about certificates can be found in the Obtaining SSL Certificates for VMware Horizon View Servers. Link
2 thoughts on “Install a wildcard certificate on a VMware Horizon View Security Server”
Heb jij misschien een tip of tips waar ik rekening mee moet houden als ik een Wildcard Certificaat ga aanschaffen voor VMware view.
Misschien zelfs waar ik ze het beste kan kopen.
Thanks for this clear and forward instruction!