Re: Certificate error

Dmitri_Manushin · ‎08-29-2014

Hi there, we have Horizon 6 and for all components (vCenter, Connection server, composer) we using prod. certificates from internal CA, but on dashboard page in a system health page area connection server RUPAPPVIEW01 marked as red, if I click on it I see next message - Status: Server's certificate is not trusted , SSL Certificate: invalid and there is no button to view certificate where I should click accept or reject.

In debug log file I see next error - 2014-08-29T03:27:40.772+04:00 DEBUG (0F14-1380) <SGHealth-federatedtask-1409267524776> [EventLogger] Error_Event:[BROKER_SECURE_GATEWAY_CERT_NOTVALID] "Certificate is invalid for Secure Gateway at address RUPAPPVIEW01": Source=com.vmware.vdi.broker.health.h, Time=Fri Aug 29 03:27:40 MSK 2014, Severity=ERROR, Node=RUPAPPVIEW01.emea.cegedim.grp, Module=Broker, SecurityServerId=RUPAPPVIEW01, Acknowledged=true

Certificate with friendly name - vdm is installed and it's valid.

How can i fix this?

thank you.

nhickey · ‎09-09-2014

Hey Dmitri,

I do know that the Self-Signed Certs now give a Red box on the connection server health which I too feel is kinda dumb, but I get it.

Check out this blog from Brian at Virtualize Tips. Great read and screenshots on updating certs in Horizon 6.

VMware Horizon 6 install - Part 3 SSL Certificates | VirtualizeTips

Thanks, Nigel VCIX-DTM @vCenterNerd nigelhickey.com

JackMac4 · ‎09-10-2014

Dmitri,

The most common issue is here is the friendly name, which you've checked, the compatability level, and the private key being exportable. More than likely you don't have the root CA bundled with your cert or your key isn't exportable would be my best guess.

Are you using an MS CA?

---- Jack McMichael | Sr. Systems Engineer VMware End User Computing Contact me on Twitter @jackwmc4

Calyps0Craig · ‎03-25-2015

Did you get a resolution to this? I have the same issue where everything appears correct from the documentation but I can figure out what's going on.

All

Certificate error