Hello,
I’m trying to set a SSL cert generated from our internal CA.
I went through the installation documentation at the Applying an SSL Certificate from a Private Certificate Authority chapter (page 72 of http://pubs.vmware.com/horizon-workspace-10/topic/com.vmware.ICbase/PDF/horizon_workspace_10_install...)
When I add the certificate in PEM format, afterwards, and when I log back to the admin web interface, I can see that the new certificate has been applied. But when I want to login, the following error appears:
Error
Request failed: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
I must set back the certificate to generated one to being able to make it work again.
If you have any suggestion, I’m more than welcome because this point is quite blocking to push the infrastructure into pre-production.
Many thanks
Eric
A small update:
not only the virtual users are not accessible, but also the COS of the Data service.
it seems that the communication to the data-va is not working well.
Eric
On the data vm, can you try running this :
/opt/zimbra/bin/zmcertmgr addcacert /etc/ssl/certs/horizon_private_ca.pem
the restarting the processes.
Hi Schoppert,
the /opt/zimbra/bin/zmcertmgr addcacert /etc/ssl/certs/horizon_private_ca.pem did not worked, I eve tried to restart the whole infra with the same result:
COS: Unable to get class of service.
Virtual User: Failed to get list of virtual users
I'm going to try to roll back to a self-signed cert on the gateway to see if the communication with the data works again.
Eric
After looking at the Horizon instructions for adding a cert from a major cert authority, I tried applying the certificate i created to both the gateway/configurator and the connector VM. I've got a quick and dirty writeup on my blog (http://cars.lostroncos.org/2013/03/16/adding-ms-signed-certs-to-horizon-workspace/) that might be helpful for some folks... I've managed to repeat this process multiple times so I have some level of confidence it works...
did you try to check the Virtual Users and the COS of the data service?
in my install, everything works except these 2.
Eric
Not sure what errors you were seeing, but I am able to create/apply new COS and share things with new virtual users.