justinsmith421
Contributor
Contributor

Cert expiration

All of my thin clients are unable to logon. In the Horizon connection server, I have two errors that the Certificates for the 2 connection servers are expired. This is a major outage for an ANG base, these are on SIPR, making it high priority. My knowledge base is minimal, so I'm hoping it is an easy fix.

0 Kudos
1 Reply
fabio1975
Expert
Expert

The first thing to check is which certificate has expired, I recommend you access the OS of one of the connection servers and check, launching the SNAP-IN of the local certificates of the computer

fabio1975_0-1651612574617.png

 

 

Check in the certificate store called personal which certificate to the VDM friendly name and verify its expiration date (as indicated in the arrow)

 

fabio1975_2-1651612600975.png

 

If the certificate has expired (as likely) you have to renew it and here you have two ways:

  • The certificate is issued by a public CA (at this point you must request the renewal of the certificates from the person who generates the certificate for you)
  • If the certificate is issued by an internal PKI (such as a Microsoft ROOTCA) you must renew by asking who you managed your company's internal PKI.

 

You can check if it is a certificate issued by a public or private CA by clicking on the certificate in question

 

fabio1975_1-1651612574624.png

 

 

You can also tell if the FQDN to which the certificate is linked is a private or public domain name.

Once you have the certificate just install it on the operating systems that host the various connection servers and give it the friendly name VDM.

A possible way, but I do not recommend it is to configure all horizon clients  (Thinclient or windows client not to verify the certificate) but it is highly discouraged.

0 Kudos