I've been working on installing a new SSL cert on my View 4.0 server for the past couple of weeks with no success. I have the JKS keys imported properly.
When I connect using a View client I get the error that the "CA Root cert is not trusted in the Trusted Root Authorities Store". Globalsign believes the server is not "pointing" to the new SSL cert.
My question is: in the recommended syntax below for the locked.propeties file...does the keypass= want my actual cert password, or is it looking for the word "secret"?
storetype=jks
keyfile=keys.jks
keypass=secret
It wants the password set on the key.
Thanks, that rules that out as a cause.
I'm confused because I've seen conflicting articles about the contents of the locked.properties file. One suggested I should add the top three lines below. Another article had a public and private key in there as well.
clientHost=servername.com
clientPort=443
clientProtocol=https
storetype=jks
keyfile=xxxx.jks
keypass=secret
Can anyone post the contents of a working locked.properties file? Much appreciated
The latest version of View doesn't use the locked.properties file but I think before that you only needed the information below.
storetype=jks
keyfile=xxxx.jks
keypass=secret
Figured it out.
My view server was creating a self-signed cert that was not in the Trusted Authorities Certificate Store. I had to export it from the view client popup as a .cer and then reimport it into the Trusted Authorities Certificate Store on the View Server.
But I was now getting a "tunnel" error when connecting with the View Client. I found a setting in View manager Server settings that enables a 2nd SSL tunnel for RDP connections. Once I turned that off I get a clean SSL connection to my View desktops.