Solved: SSL certificate issued from Domain CA

fafa24 · ‎03-30-2017

Hello,

I have recently installed the Connection Server 7.03. The installer creates a self singed certificate with the friendly name vdm. We have a CA server in our domain which automatically issues server server authentication certificate to our server via GPO. The Connection Server also received the certificate. So I thought to use the domain certificate I just need to remove the friendly name vdm from the self signed certificated and add the friendly name vdm to the certificate from our CA. I restarted the connection server service. But when i type in the URL the webserver cannot be found. A blank page. Do I revert it and change the friendly name to the self signed certificate all is okay again.

What went wrong here?

Thanks,

Edy

pchapman · ‎03-30-2017

I'm guessing the cert that your CA automatically issues does not have the private key marked as exportable. This is a requirement for View Connection Server certs.

View solution in original post

pchapman · ‎03-30-2017

I'm guessing the cert that your CA automatically issues does not have the private key marked as exportable. This is a requirement for View Connection Server certs.

fafa24 · ‎04-01-2017

Thanks - yes this help. I made the private key exportable and now Horizon Administrator page shows. However it shows still as insecure.

Thanks,

Edy

pchapman · ‎04-04-2017

Where are you seeing the error - Google Chrome? It's probably that your Root Cert is still SHA1 - which is phased out. You need to update your CA's root to SHA256 and reissue the certificate. That's likely the problem, but can't say for sure without more details.

fafa24 · ‎04-06-2017

Hi,

I was seeing the error in Google Chrome "not secure" - But I resolved it. The problem was that I needed to use as URL the fully qualified FQN name. Now Google Chrome shows the page with no error.

Thanks,

Edy

All

SSL certificate issued from Domain CA