PS: you can also use openssl to check cert:

openssl s_client -showcerts -connect <hostname>:<port>

Hi  vDruid,

Have you restarted Connection Server Services after adding cert and changing friendly name ? --> Yes, I have been Restarts.

Have you verified with a browser connecting to CS that it is effectively the signed cert that is presented ? --> Yes.

Still can't solve the problem.

@LeHongTung 

Since you are using self-signed certificates, you will always get that warning in the Horizon Dashboard. 

Hi vDruid,

I followed your instructions. This is result: 

C:\Users\tunglh>openssl s_client -showcerts -connect vdi-connect01.inner.local.vn:443
CONNECTED(00000208)
depth=0 O = "VMware, Inc.", OU = VMware Horizon View default certificate, CN = vdi-connect01.inner.local.vn
verify error:num=18:self-signed certificate
verify return:1
depth=0 O = "VMware, Inc.", OU = VMware Horizon View default certificate, CN = vdi-connect01.inner.local.vn
verify return:1
---
Certificate chain
0 s:O = "VMware, Inc.", OU = VMware Horizon View default certificate, CN = vdi-connect01.inner.local.vn
i:O = "VMware, Inc.", OU = VMware Horizon View default certificate, CN = vdi-connect01.inner.local.vn
a:PKEY: rsaEncryption, 2048 (bit); sigalg: RSA-SHA384
v:NotBefore: Nov 18 02:16:17 2022 GMT; NotAfter: Feb 20 02:16:17 2025 GMT
-----BEGIN CERTIFICATE-----
MIIDhzCCAm+gAwIBAgIJAN1Ma2Bx6BWoMA0GCSqGSIb3DQEBDAUAMHAxFTATBgNV
BAoMDFZNd2FyZSwgSW5jLjEwMC4GA1UECwwnVk13YXJlIEhvcml6b24gVmlldyBk
ZWZhdWx0IGNlcnRpZmljYXRlMSUwIwYDVQQDDBx2ZGktY29ubmVjdDAxLklubmVy
LnZubmljLnZuMB4XDTIyMTExODAyMTYxN1oXDTI1MDIyMDAyMTYxN1owcDEVMBMG
A1UECgwMVk13YXJlLCBJbmMuMTAwLgYDVQQLDCdWTXdhcmUgSG9yaXpvbiBWaWV3
IGRlZmF1bHQgY2VydGlmaWNhdGUxJTAjBgNVBAMMHHZkaS1jb25uZWN0MDEuSW5u
ZXIudm5uaWMudm4wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCm/I4K
MQ1118sT39bNKB5yevjcT0rGJBIpsHRrjezi3evU4P9mrz0NIhfuwkSk+1FMQUEX
V1bajsAvmHdeZ4vU4tm7akyZM2Jb7mGBeXAFJ3orfXmK7+HWe2ttMcRQsJn1gp93
tQl9lHQWHX5Y6IBBqkCxSiejupdiAzbSEPviYPYVEGNzKkDvItdi4sdl0ze+7Jq5
vblwULZvIMNbag8lON3wjXm3bAa9Rzg/zAfK3Dh/BbwYgDnoRgAPLHSUgkl8NqDW
wikiGqWwxfBu9Kz/AgMBAAGjJDAiMAsGA1UdDwQEAwIFoDATBgNVHSUEDDAKBhhr
BgEFBQcDATANBgkqhkiG9w0BAQwFAAOCAQEANWToaoUts3dORl9QRgt6Gn6G16HO
kPceWoafUmRPHwHXk3KKA+V755Fj4ju0QqQnNoPe1YEYsmf57Azyts/apdCAzea8
m7GXszIxPpkQSqS7aDcrw6EEBeW801f1z6dsHSlmnlkSMfDDZII40aMGr6Tvd8N8
j6ww1h+HSNmkoLGlGiw9/yGJRX0VNbsLulX0xSTrU977oey32O8VsYrDyIepJdUs
36P//RrTp5dn7Qqlu/gB4B0DFMPz5G0gqPjkZN1bkXzGXOWoH0cxyNtxHCoHPYs9
7I2Vb2wf3YuJe8ojT1YzXhTvWEVF8eIom/aEWGp+TBbVt8okvPAjO/1wDg==
-----END CERTIFICATE-----
---
Server certificate
subject=O = "VMware, Inc.", OU = VMware Horizon View default certificate, CN = vdi-connect01.inner.local.vn
issuer=O = "VMware, Inc.", OU = VMware Horizon View default certificate, CN = vdi-connect01.inner.local.vn
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: ECDH, prime256v1, 256 bits
---
SSL handshake has read 1410 bytes and written 456 bytes
Verification error: self-signed certificate
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: D14DDDD01AF666552EA2D50122C83A0FB03205FC0F4794113DEA2AE041513009
Session-ID-ctx:
Master-Key: 33CD6A9571B8DA3CAC00B25CB7A7A277C8F4E32F539CEF8C6C062930E9189ACDFFE6955FFC30CCD584F3E0EC21F35F94
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1684837429
Timeout : 7200 (sec)
Verify return code: 18 (self-signed certificate)
Extended master secret: yes
---

<html>
<head>
<title>VMware Horizon</title>
<link rel=stylesheet href="/error/base.css" type="text/css" />
</head>
<body leftmargin="0" rightmargin="0" topmargin="0" marginwidth="0"
marginheight="0">

<script language="JavaScript">
function toggleError()
{
var errorElement = document.getElementById('errorDetails');
if (errorElement && errorElement.style.display == 'none')
{
errorElement.style.display="block";
}
else
{
errorElement.style.display="none";
}
}

function escapeHTML (str)
{
var div = document.createElement('div');
var text = document.createTextNode(str);
div.appendChild(text);
return div.innerHTML;
}
</script>

<table width="100%" cellspacing="0" cellpadding="0" border="0">
<tr style="height: 62px; background-color: #000000;">
<td style="width: 50%; vertical-align: top; text-align: left;" background="/error/1x62_gradient.png">
<img src="/error/343x62_vmware_banner.png" /></td>
<td style="width: 100%; vertical-align: top; text-align: right;" background="/error/1x62_gradient.png"/>
<img src="/error/99x62_vmware.png" /></td>
</tr>

</table>

<div class="content">
<h2>Error: Not Found</h2>
<div class="explain">
<p>
The page you requested is not available.
<script language="JavaScript">
var url = escapeHTML(location.href);
if (url.indexOf("http:") == 0 && 404 == "404") {
document.write(" Try HTTPS instead.");
}
</script>
</p>
<p><a href="#" onclick="toggleError()">Show Details</a></p>
<p>
<textarea
rows="20" cols="80" readonly="true" id="errorDetails"
style="display:none">
Error code: 404

So this is clearly the auto-generated self certificate from VMware:

 VMware Horizon View default certificate, CN = vdi-connect01.inner.local.vn
verify error:num=18:self-signed certificate

So the error is normal, you need to create a CA signes certificate for your company if you want to get rid of this error and provide a secure access.