VMware Horizon Community
mobinqasim786
Enthusiast
Enthusiast
‎04-28-2015 10:23 AM

View Security SSL Certificate Test

Hi Guys,

I was testing SSL Certificate for my View Horizon 5.3.2  envionment using https://www.ssllabs.com/ssltest/.

I've attached the result which I found while testing. I found an error and a few warnings. Could someone please help how I can resolve error and warnings found is SSL test.

Regards,

Mobin

Preview file
16 KB
3 Replies
RyanH84
Expert
Expert
‎04-30-2015 04:24 AM

Hi,

From my very basic understanding of Diffie-Hellman, it is essentially an old public-key protocol used for exchanging keys between systems over an insecure channel. I'm not a security/crypto person though.

I found a Technet Article which describes configuring Key Exchange mode on a Windows Server. I would be careful about changing this though, it really depends on how desperate you are to stop the critical warning on your check? I'd advise fully testing compatibility in a lab before making any changes to any production system.

With regards to the warnings, I'd read up on enabling TLS 1.2 in your server and also look at disabling older versions which might have security holes in them. Again, I'd be very careful with this stuff and test as much as possible first.

Not really much use I'm afraid, but hopefully might be a start?

------------------------------------------------------------------------------------------------------------------------------------------------- Regards, Ryan vExpert, VCP5, VCAP5-DCA, MCITP, VCE-CIAE, NPP4 @vRyanH http://vRyan.co.uk
mobinqasim786
Enthusiast
Enthusiast
‎05-07-2015 09:59 PM

Hi Ryan,

Thanks for the detailed reply. I tried to look if there's any fix related to the mentioned warnings and errors regarding VMware View, but I couldn't find anything. I'd just like to know if people are also getting these warnings or errors in sslblabs testing for their View environment. My current environment is running smooth and I don't want to make any changes if it's not a big deal. So my question is can I ignore them without any risk?


Regards,

Mobin

0 Kudos
mobinqasim786
Enthusiast
Enthusiast
‎05-21-2015 11:21 PM

Guys,

Following post helped me to resolve the issues. I hope it helps anyone else who wants to remove ssllabs warnings for View Servers.

Re: Disable Protocols and Ciphers in VMware View Security and Connection Servers

Also if anyone else found solution to Enable Forward Secrecy please help.

Regards,

Mobin

0 Kudos