I recently setup a local certificate authority to self-sign SSL certs for the view server. I have everything setup according to the KB articles, and my localCA has issued a certificate to the View server (5.1), and using the View client from my desktop I can connect without issue, with SSL working properly.
However, when I try to connect to the View server using one of the Dell (Wyse) P20 thin clients, I get an error saying that the SSL certificate is invalid, and when I click on the "show certificate" button, all of the information is blank.
I'm at a loss, as the View server is green across the board, and I can connect to my desktop pools using the View client via HTTPS without issue.
Have you uploaded your root certificate into the P20?
I haven't come across any option for uploading the certificate in the P20 configuration screens, where is that located?
If you login to the web interface of the p20 and go to the uploads option you will see a certificate upload section.
Ok, it's under the web interface and not the GUI.
It requires certificates in PEM format? Is that even possible using a self-signed certificate from a local CA?
You can convert it with openssl.
You don't even need openssl, one of the export options in Windows certmgr is the same format with a different extension.
I forget which, but it should be easy enough to find on the Teradici support site.
I exported the root certificate of my CA as a base-64, and then just renamed the extension from .cer to .pem, and it allowed me to upload the cert into the the thin client, but I still get an error. On the thin client, when trying to connect the "show certificate" still returns as blank.
Which firmware version are you using?
"Blank" does ring a bell, but it's been too long...
OK, then it's not what I was thinking of - that issue was fixed in one of the 3.x versions.
Grudgebearer - this should help you out;
1. First upgrade unit to latest firmware v4.0.3 (12/19/2012) using the below link: (copy entire link)
https://appservices.wyse.com/pages/serviceandsupport/support/dlOraFW.asp?which=161&model=P25/P45(Wys... Zero Clients)
Select option #1 from list
2. If you still have issues after upgrading, follow the below steps from Teradici site as noted by MarAndreas;
How do I export the View Connection Server trusted root certificate for upload to a PCoIP zero client? (15134-1020)
http://techsupport.teradici.com/ics/support/kbanswer.asp?deptID=15164&task=knowledge&questionID=1020
Note: if you haven't done already, create account here: http://techsupport.teradici.com
Regards,
Chris
I actually just figured out the problem.
I followed VMware's steps located here:
When I originally issued my certificate, and after using the digicert SSL verification tool, I realized that it wasn't a properly formatted certificate. I reissued the cert as a standard web server certificate and I was finally able to upload the .PEM certificate into the thin clients.
Grudgebearer - good to hear! One other note if your not aware, the Dell Wyse P20 is based on the slighly older Tera 1 processor from Teradici. We are now shipping the latest generation, Tera 2 processor on our new Dell Wyse P25 device. You can see more at the below link. If you would also like to meet/talk with your local Dell Wyse team feel free to contact Dell Wyse at the below link as well.
Dell Wyse P25 @ http://www.wyse.com/p25
Contact Dell Wyse Team @ http://www.wyse.com/about/contact
Regards,
Chris
