VMware Horizon Community
Hitu201110141
Contributor
Contributor

View 5.3 having issues with Certificate

Few weeks ago my certificate expired on Connection server. I was able to request one from digicert and imported into my connection server. All setting were set properly with friendly name and such. Once I did that got green light on my connection server from View admin console. we are running just one security and connection server. At the time of upgrade of the certificate for connection server I did not notice any issue with security server so didn't go through the process of importing certificate for that as well. Started getting calls from my offshore resources they were not able to connect externally. . Since we used the same cert on both connection server and security server I went through the steps of exporting the cert out of connection server and imported back on security server. Even though I did that external clients were getting the same error when connecting to view client externally. To get this resolved support was able to assist by setting the default cert on the security server configure and making it default. Client were working fine by bypassing the certificate. Now I'm running into this issue where I cannot connect to my view admin console. keeps throwing below error. Also on the connection server View Blast Secure Gateway services are stuck on pause not matter what I do cannot get this service to start normally and view admin console is still down. At the same time I am able to connect to view externally by bypassing the certificate. Figure post this on the community before I call support where they are not able to help as current version of View that I am running is out of support and they keep telling me to upgrade which I have slated for 1st quarter 2018. Can't seem to understand why would the same cert that I have on connection server works perfectly fine and same cert that import into security server keeps giving me problems. Support seems to think it's a mismatch on the cipher but I cannot understand what I need to configure on the cert or the security server to see the correct match for the cipher. Any help would be appreciate it if anyone has run into this issue. 

Can’t connect securely to this page

This might be because the site uses outdated or unsafe TLS security settings. If this keeps happening, try contacting the website’s owner.

Try this:

> View : 5.3.2

> Certificates on View servers expired couple of days ago hence certificates were replaced

> One certificate(digicert) used for both connection and security servers

> Verified server's friendly name , Subject alternate name and thumbprint

> No issue connecting internally

> Only external users are unable to connect

> External users connect via horizon client (4.3)

> Noticed cipher mismatch in certificates hence external users were unable to connect

> Pointed security server to default certificate and bypassing cert verification when connecting from external network , we were able to connect

Reply
0 Kudos
1 Reply
splumley
Contributor
Contributor

You may have forgotten to export the Private Key

Reply
0 Kudos