We have 3 connection servers and when we browse to the https site using the servers name all three work great. However if we use the vanity name that we created in DNS to balance across all three host we receive the errors below and the page will not load. I have created certificates on all three host and the certificates have a SAN name for the vanity URL that we have so that shouldnt be the issue. Has anyone encountered this issue before? The errors are vague so its tough to determine why it doesn't like the vanity name. In the browser console the only error i see is https://vanityname.domain.com/broker/xml 404 (not found). However if i replace vanityname.domain.com with the servers name then i dont get that error. Also if i use the Horizon client installed on my machine with the vanity url it works great. The only issue i have is when i use the HTML Access site.
This is what i see when i go to the admin console
This is what i see when i click on the Horizon HTML Access link
You need to add the URL to the locked.properties file on all of your connection servers
Allow HTML Access Through a Load Balancer
View Connection Server instances and security servers that are directly behind a load balancer or load-balanced gateway must know the address by which browsers will connect to the load balancer when users use HTML Access.
For View Connection Server instances and security servers that are directly behind a gateway, perform the procedure described in Allow HTML Access Through a Gateway.
You must perform this procedure for each View server that is behind the load balancer or load-balanced gateway.
1 | Create or edit the locked.properties file in the SSL gateway configuration folder on the View Connection Server or security server host. For example: install_directory\VMware\VMware View\Server\sslgateway\conf\locked.properties |
2 | Add the balancedHost property and set it to the address of the load balancer. For example, if users type https://view.example.com in a browser to reach any of the load-balanced View servers, add balancedHost=view.example.com to the locked.properties file. |
3 | |
4 | Restart the View Connection Server service or security server service to make your changes take effect. |
i tried this but it didnt work. I added the one vanity url and it didnt work. Then i added the hosts to the file and same issue.
That issue you are seeing is typical of the name not being in the locked.properties file.
What happens if you edit the local C:\Windows\System32\Drivers\etc\hosts file on each connection server and add vanityname.domain.com and vanityname and specify the IP address of the connection server you're on?
ok i tried a few things and below is what i have found.
So in the locked.properties file i put the following
balancedhost.1=vanity.domain.com
balancedhost.2=servername01.domain.com
balancedhost.3=servername02.domain.com
balancedhost.4=servername03.domain.com
The thinking behind this is i may want to access a specific connection server host in addition to the vanity name. Does this make sense?
In the admin console if i go to View Configuration - > Servers -> connection servers... and edit the external URL and blast external URL on each connection server to be the vanity.domain.com URL. It seems to work. However i can ONLY access the site using the vanity name. If i try to browse to the admin console or html access site with the server name i get the errors.
Do you know if there is a way to make it work with the vanity name and the connection server name? I may want to troubleshoot a specific problem with one host and i wouldn't be able to without editing a host file.
I have the balancedHost at the top of my locked.properties file. The syntax is...
balancedHost=vanity.domain.com
You must restart the server after you set that so it takes effect.
I would not set the external URLs as the vanity name. If you click on the ? it specifically says not to set it to the external load balance url.
interesting....previously it didnt work that way.
I will change it back and see if that works.
if i change that external URL back it doesn't work at all.
we are technically not behind a load balancer. We just have three ip's in DNS for that vanity name.
I may open a case to see if its a problem to have the vanity name in the external URL.