VMware Horizon in a Lab: Getting Rid of SSL Errors

Citrix/Terminal Services/Remote Desktop Services
Published Feb 17, 2016

This is a description of a quick and dirty way to get SSL to work correctly in a VMware Horizon View installation in a lab environment. Do not do this in production!

The Situation

The Horizon View Connection Server installer creates a self-signed certificate which it places in the computer’s personal certificate store. This certificate’s root is not trusted by anyone, least of all by the clients trying to connect to your apps and desktops.

Establishing Trust

To make the default self-signed certificate work correctly you need to export it from the computer’s personal certificate store and then re-import it in the trusted root certificate store.

Exporting

Exporting VMware Horizon self-signed certificate

It is OK to export without a private key; leave the file format at the default.

Importing - Connection Server

When re-importing the key on the Horizon View Connection Server manually select the computer’s Trusted Root Certification Authorities store:

Importing VMware Horizon self-signed certificate as root certificate

After the import restart the Connection Server machine. View Administrator should now display the Connection Server status in green (certificate valid):

VMware Horizon Connection Server details

Importing - Clients

Clients that connect to Horizon need the certificate imported as trusted root certificate in the same way as described for the Connection Server above.

Name Resolution

Clients connecting to Horizon View need to be able to resolve the name as it is stored in the certificate, in all likelihood fully qualified. If your (lab) clients use a different DNS server than the Horizon installation the simplest solution is to add the Connection Server’s name and IP address to each client’s hosts file.

Comments

Comments are powered by Giscus. Please enable JavaScript to view them, or view discussions directly on GitHub.

Related Posts

The Effects of HP's Power Profile on vCPU Performance

When you buy a new HP server it comes with the BIOS setting HP Power Profile set to Balanced Power and Performance. That sounds good but is bad - at least for CPU performance in a VDI environment.

Citrix/Terminal Services/Remote Desktop Services

Citrix Synergy 2016 Call for Topics: Get Rid of the Video Requirement (Open Letter)

It smacks of lazy reviewers looking for eye-candy. Simon Crosby, former Citrix CTO Citrix Synergy Team, I am writing to you as a guy who has presented many times at Synergy. This year alone I had three sessions, one in cooperation with my community peers Aaron Parker and Shawn Bass, the other two on my own - one in the Geek Speak track, the other in the regular Synergy breakout session track. All three sessions were a great success and have been rated highly.

Citrix/Terminal Services/Remote Desktop Services

Citrix XenApp/XenDesktop API Hooking Explained

Citrix XenApp/XenDesktop API Hooking Explained

What is API Hooking? API hooking is all about making others do things they never even knew they could do. More precisely: tricking other processes into doing things differently from what their developers programmed.

Citrix/Terminal Services/Remote Desktop Services

Which Version of Citrix GoToMeeting Are You Running?

Which Version of Citrix GoToMeeting Are You Running?

Last updated: 2017-01-21. This article still applies to the latest versions of GoToMeeting. The high disk space usage has not been solved yet. Am I running the latest version of GoToMeeting? Which is the latest version, anyway? Those trivial questions might not be easy to answer.

Citrix/Terminal Services/Remote Desktop Services

Latest Posts

Scripted WordPress to Hugo Migration

Scripted WordPress to Hugo Migration

After having published in WordPress for almost 20 years, it was time for a change. This site is now rendered by Hugo, a static website generator built for Markdown content hosted in a Git repository. The migration from WordPress (HTML) to Hugo (Markdown) was far from trivial. Since I couldn’t find any tool for the job, I developed my own set of migration scripts that fully automate the migration process. You can find them on GitHub along with extensive documentation.

Mitsubishi Heat Pump Data in Home Assistant via Modbus

Mitsubishi Heat Pump Data in Home Assistant via Modbus

This article shows how to get detailed information about your Mitsubishi heat pump’s status and operations into Home Assistant. Prerequisites You’ll need a Mitsubishi Modbus interface, either the older A1M (serial Modbus/RTU via RS-485 only) or the newer A1M+ (Modbus/TCP via Ethernet in addition to Modbux/RTU). I’m using the Ethernet variant.

Home Automation, Networking & Self-Hosting

GitHub: Authenticated Access via SSH

GitHub: Authenticated Access via SSH

This article describes how to set up authenticated access to a (private or public) GitHub repository from Linux. Create & Set Up an SSH Key SSH Key Creation Create a new SSH key:

Software development

Fixing IPv6 Intermittent Packet Loss Caused by Windows Firewall

Fixing IPv6 Intermittent Packet Loss Caused by Windows Firewall

This article shows a simple solution to a weird networking problem that plagued me for hours: IPv6 packets were sometimes lost; IPv4 was not affected. Problem: IPv6 Ping Timeouts and Packet Losses Symptom: Teams Issues I noticed the problem first when there were intermittent connectivity issues in Teams during a meeting.