VMware Horizon Community
don1304
Contributor
Contributor
‎05-02-2012 02:40 PM

Self-signed SSL certificate / View 5

Self-signed SSL certificate / View 5

Can we setup Self-signed SSL certificate with View 5?  As I get error message after upgrading the View environment from 4.6 to 5.0 for both Internal and external conenctions .

Error Message  :

Vmware View Canot verify the identity of the server you have contacted . Your credentials will not be secure .Contact your administrator to ask if this server can be trusted.

Just FYI , we dont have a CA server or any thridparty SSL certifcate .

0 Kudos
4 Replies
eeg3
Commander
Commander
‎05-02-2012 02:52 PM

You should be able to change this as detailed below:

View clients now follow the well-known browser model for handling certificates, displaying errors detected in the certificate presented by View Connection Server, or in the certificate trust chain. Administrators can set the Certificate verification mode group policy to enforce strict certificate checking; if any certificate error occurs, the user cannot connect to View Connection Server. Alternatively, administrators can use the default Warn But Allow mode, which supports self-signed server certificates and lets users connect to View Connection Server with certificates that have expired or are not yet valid. If necessary, administrators can also set a No Security mode that lets users connect without certificate checking.

More details here: http://vinfrastructure.it/en/2011/12/vmware-view-5-certificate-warning/

Blog: http://blog.eeg3.net
0 Kudos
don1304
Contributor
Contributor
‎05-02-2012 03:17 PM

Thanks ....But doing this step , it still displays the https MARKED in red  on the View Client .

Attached the screenshot , We never had this issue in 4.6 .

Preview file
12 KB
0 Kudos
eeg3
Commander
Commander
‎05-02-2012 03:19 PM

I believe that is an intended feature of View 5. Perhaps someone else can confirm.

Blog: http://blog.eeg3.net
0 Kudos
Linjo
Leadership
Leadership
‎05-03-2012 04:08 AM

This would be the expected behavious if the certificate is not trusted by the client.

Its very similar to any webserver having self-signed certificate.

To solve this import the root-certificate on the client or use a certificate in a chain already trusted by the client.

// Linjo

Best regards, Linjo Please follow me on twitter: @viewgeek If you find this information useful, please award points for "correct" or "helpful".
0 Kudos