Cert expiration

All of my thin clients are unable to logon. In the Horizon connection server, I have two errors that the Certificates for the 2 connection servers are expired. This is a major outage for an ANG base, these are on SIPR, making it high priority. My knowledge base is minimal, so I'm hoping it is an easy fix.

0 Kudos
1 Reply

The first thing to check is which certificate has expired, I recommend you access the OS of one of the connection servers and check, launching the SNAP-IN of the local certificates of the computer




Check in the certificate store called personal which certificate to the VDM friendly name and verify its expiration date (as indicated in the arrow)




If the certificate has expired (as likely) you have to renew it and here you have two ways:

  • The certificate is issued by a public CA (at this point you must request the renewal of the certificates from the person who generates the certificate for you)
  • If the certificate is issued by an internal PKI (such as a Microsoft ROOTCA) you must renew by asking who you managed your company's internal PKI.


You can check if it is a certificate issued by a public or private CA by clicking on the certificate in question





You can also tell if the FQDN to which the certificate is linked is a private or public domain name.

Once you have the certificate just install it on the operating systems that host the various connection servers and give it the friendly name VDM.

A possible way, but I do not recommend it is to configure all horizon clients  (Thinclient or windows client not to verify the certificate) but it is highly discouraged.

0 Kudos