Hi Community,
I have 5 internal Connection Servers and 2 Security Gateways in our production environment.
Now, after the View 5.1 Upgrade, are my Security Servers "red marked" in View Administrator.
To solve this, I need to generate a certificate with two common names (CN).
One for a secure internal connection (between security and connection) and one for public users to connect.
I want build a CSR file (certificate request) that I can let authorize.
How can I build this?
In the CN fields I must define:
A) the internal servername in FQDN
B) the external servername (in the Internet) as example: view.company.com
Does it give a white paper how I can generate this CSR?
Be careful if you plan to upgrade to 5.1.
There are many security improvements in 5.1.
This can be a show stopper, if you don't review your official certs!
To solve issues, VMware Professional Services assists me.
But at this point, I can't find a solution.
Thanks, Jo
I am stuck and have some of the same questions. I use Network solutions to generate a signed certificate. I am asked the question what type software example Microsoft IIS 5.X and later. Then I am asked to enter the CSR from the Web Host. I am wondering do I need to install a CA in my domain and have it generate a CSR? I have read through several documentations but I could not find any of the info either.
Jo, I have described the process here: http://fojta.wordpress.com/2012/05/27/vmware-view-5-1-and-ssl-certificate-replacement/
Tomas
Hi!
Your description is for Connection Servers.
My problem are on Security Servers.
At the moment, I have a SR opened at VMware.
VMware doesn´t find a quick solution for this situation.
At the moment it looks like a global problem of View 5.1.
I will you keep informed.
Thanks, Jo!
Have you tried using a SAN cert? I'm using SAN (Unified Communications) certs from DigiCert for all my servers (connection, security, vc, hosts, etc.) and what's effectively a single cert with multiple SANs works fine - Teradici 4.0 firmware issue aside.
Geoff
Hi, I´ve done it with OpenSSL.
All works fine now...
Thanks, Jo!
Hi all. Any update?. I need to configure ssl certificates fot both...connections servers for LAN and security server for external access.
Thanks
You can request a certificate from an internal key infrastructure (if you have).
Otherwise you must generate an CSR-file and send it to an certificate authority.
Then you get a valid cert back and you can import it (don´t forget to import the root and intermediate certs also on the servers).
For some detailed informations follow my blog posts:
http://vmpro.at/2012/06/02/vmware-view-5-1-and-ssl-certificate-replacement/
cu Jo!
Hello all,
I also had the problem with ssl on view 5.1
Found today kb2020913
Take a look at Note: Ensure you choose the Windows Server 2003 certificate template option. Do NOT choose Windows Server 2008.
After using old template it really work!
I`m in perplexity, why vmware made this strange changes with ssl.
Hi all, what are the required steps to only replace the security server certificate with a verisign cert?. Is it possible to only replace the security server certificate and use the default certs for the connection servers.?
Thanks a lot
Hi,
Here are two doc which will help you to import certificate in VMware view
http://pubs.vmware.com/view-51/topic/com.vmware.ICbase/PDF/view-51-obtaining-certificates.pdf
>> VMware recommend to have certificate issue by common authority across all the view component. However I have seen CA signed certificate installed only for security server and working fine.
Regards
Mohammed