Hi,
We a configuring a Horizon View in a closed network, no access to internet.
I was wondering about the certificate that is created under installation, as I understand this certificate should be replaced since this system will be production.
Do we need to create a own CA system within our domain for this ? Or is it possible to create a CSR and request some kind of certificate from a certificate vendor like godaddy.com ? or will this fails since we don`t have access to internet and it will then not be able to verify the chain ?
I don`t have much knowledge when it comes to certificates
Thanks for reply
Hi,
you can use a certificate of your own CA as well as a valid certificate from any other public CA.
If you use your own CA you should make sure that your root certificate is trusted by the clients. If not then they would get the error as now with the self signed one.
If you request a certificate please make sure you read the guide (obtaining a signed ssl certificate) regarding e.g. key length.
CRL should be in place but is not needed. If you can't reach the CRL and Horizon displays the servers red/faulty in admin gui please check this KB: VMware Knowledge Base
Best regards
Andi
Hi,
you can use a certificate of your own CA as well as a valid certificate from any other public CA.
If you use your own CA you should make sure that your root certificate is trusted by the clients. If not then they would get the error as now with the self signed one.
If you request a certificate please make sure you read the guide (obtaining a signed ssl certificate) regarding e.g. key length.
CRL should be in place but is not needed. If you can't reach the CRL and Horizon displays the servers red/faulty in admin gui please check this KB: VMware Knowledge Base
Best regards
Andi