Is this the correct syntax for enabling a SSL cert...

Reiver · ‎01-24-2013

I've been working on installing a new SSL cert on my View 4.0 server for the past couple of weeks with no success. I have the JKS keys imported properly.

When I connect using a View client I get the error that the "CA Root cert is not trusted in the Trusted Root Authorities Store". Globalsign believes the server is not "pointing" to the new SSL cert.

My question is: in the recommended syntax below for the locked.propeties file...does the keypass= want my actual cert password, or is it looking for the word "secret"?

storetype=jks
keyfile=keys.jks
keypass=secret

mittim12 · ‎01-24-2013

It wants the password set on the key.

Reiver · ‎01-24-2013

Thanks, that rules that out as a cause.

I'm confused because I've seen conflicting articles about the contents of the locked.properties file. One suggested I should add the top three lines below. Another article had a public and private key in there as well.

clientHost=servername.com
clientPort=443
clientProtocol=https

storetype=jks
keyfile=xxxx.jks
keypass=secret

Can anyone post the contents of a working locked.properties file? Much appreciated

mittim12 · ‎01-24-2013

The latest version of View doesn't use the locked.properties file but I think before that you only needed the information below.

storetype=jks
keyfile=xxxx.jks
keypass=secret

Reiver · ‎01-25-2013

Figured it out.

My view server was creating a self-signed cert that was not in the Trusted Authorities Certificate Store. I had to export it from the view client popup as a .cer and then reimport it into the Trusted Authorities Certificate Store on the View Server.

But I was now getting a "tunnel" error when connecting with the View Client. I found a setting in View manager Server settings that enables a 2nd SSL tunnel for RDP connections. Once I turned that off I get a clean SSL connection to my View desktops.

All

Is this the correct syntax for enabling a SSL cert?