VMware Horizon in a Lab: Getting Rid of SSL Errors

Citrix/Terminal Services/Remote Desktop Services
Published Feb 17, 2016

This is a description of a quick and dirty way to get SSL to work correctly in a VMware Horizon View installation in a lab environment. Do not do this in production!

The Situation

The Horizon View Connection Server installer creates a self-signed certificate which it places in the computer’s personal certificate store. This certificate’s root is not trusted by anyone, least of all by the clients trying to connect to your apps and desktops.

Establishing Trust

To make the default self-signed certificate work correctly you need to export it from the computer’s personal certificate store and then re-import it in the trusted root certificate store.

Exporting

Exporting VMware Horizon self-signed certificate

It is OK to export without a private key; leave the file format at the default.

Importing - Connection Server

When re-importing the key on the Horizon View Connection Server manually select the computer’s Trusted Root Certification Authorities store:

Importing VMware Horizon self-signed certificate as root certificate

After the import restart the Connection Server machine. View Administrator should now display the Connection Server status in green (certificate valid):

VMware Horizon Connection Server details

Importing - Clients

Clients that connect to Horizon need the certificate imported as trusted root certificate in the same way as described for the Connection Server above.

Name Resolution

Clients connecting to Horizon View need to be able to resolve the name as it is stored in the certificate, in all likelihood fully qualified. If your (lab) clients use a different DNS server than the Horizon installation the simplest solution is to add the Connection Server’s name and IP address to each client’s hosts file.

Comments

Comments are powered by Giscus. Please enable JavaScript to view them, or view discussions directly on GitHub.

Related Posts

XenDesktop 7.6 VDA CPU & Memory Footprint

XenDesktop 7.6 VDA CPU & Memory Footprint

If you install the Citrix XenDesktop 7.6 Virtual Desktop Agent (VDA) on a small Windows 7 VM, you may be in for a big surprise, and not a good one. This article documents issues I have experienced and how to work around them.

Citrix/Terminal Services/Remote Desktop Services

Citrix Synergy 2016 Call for Topics: Get Rid of the Video Requirement (Open Letter)

It smacks of lazy reviewers looking for eye-candy. Simon Crosby, former Citrix CTO Citrix Synergy Team, I am writing to you as a guy who has presented many times at Synergy. This year alone I had three sessions, one in cooperation with my community peers Aaron Parker and Shawn Bass, the other two on my own - one in the Geek Speak track, the other in the regular Synergy breakout session track. All three sessions were a great success and have been rated highly.

Citrix/Terminal Services/Remote Desktop Services

Shutting Down Unused Persistent XenDesktop VMs

Shutting Down Unused Persistent XenDesktop VMs

When you use XenDesktop the only way it makes sense you may find that Citrix has not really put much effort into making that a smooth experience. Persistent is a Second-Grade Citizen XenDesktop is really designed to be used with pooled desktops - machines that are reset to a pristine state when the user logs off. Of course, stateless desktops are much better (and, importantly, cheaper) served from XenApp. This has been the topic of many a debate which I will not repeat here. But I will state that if you give a so-called knowledge worker a personal desktop, you better make sure that desktop is persistent.

Citrix/Terminal Services/Remote Desktop Services

Citrix Desktop Viewer Screen Resolution and Window Size

Citrix Desktop Viewer Screen Resolution and Window Size

As far as I know there is no “official” way to set the width, height and screen position of Citrix Desktop Viewer in window mode. It can be done easily by changing a few registry values, though.

Citrix/Terminal Services/Remote Desktop Services

Latest Posts

WSL Disk Space Cleanup

WSL Disk Space Cleanup

The Windows Subsystem for Linux (WSL) stores its virtual hard disks in the user profile on drive C:. These VHDX files can grow up to 1 TB in size, making it necessary to clean up and reclaim space occasionally. This article shows how.

Virtualization & Containers

Changing the Location of PowerShell Profile Scripts

A PowerShell profile is an init script that is executed when the shell starts. PowerShell searches for profile scripts in hard-coded locations. This article explains how to move profile scripts to any directory of your choice.

Changing the Location of the Windows Terminal Settings Files

Changing the Location of the Windows Terminal Settings Files

Windows Terminal stores its settings in configuration files that resides in the Windows user profile. This article explains how to move them to any directory of your choice. Where are the Settings Files Located? The location of the Windows Terminal settings file is hard-coded. The exact path depends on the app variant you installed, but it’s always in the user profile:

Fast & Silent 5 Watt PC: Minimizing Idle Power Usage

Fast & Silent 5 Watt PC: Minimizing Idle Power Usage

This micro-series explains how to turn the Lenovo ThinkCentre M90t Gen 6 into a smart workstation that consumes only 5 Watts when idle but reaches top Cinebench scores while staying almost imperceptibly silent. In the first post, I showed how to silence the machine by replacing and adding to Lenovo’s CPU cooler. In this second post, I’m listing the exact configuration that achieves the lofty goal of combining minimal idle power consumption with top Cinebench scores.