VMware Workspace ONE Community
TSher
Enthusiast
Enthusiast
‎09-20-2013 02:30 PM

Workspace v1.5 SSL

HI,

I have installed Workspace 1.5.  Everything is working great.  I want to add a wildcard cert signed by digicert.  I'm struggling to find some good documentation/procedures on how to do this. Could someone please point me in the direction of the correct procedures on how to add a wildcard SSL cert so end users no longer receive the certificate warning.

Thanks for any help

Reply
0 Kudos
9 Replies
GeoffN
Enthusiast
Enthusiast
‎09-21-2013 11:34 AM

Follow the instructions "Applying an SSL Certificate from a Major or Private Certificate Authority" located here:

VMware Horizon Workspace 1.5 Documentation Center

Reply
0 Kudos
TSher
Enthusiast
Enthusiast
‎09-21-2013 11:48 AM

Hi,

Thanks for the reply. I did look at that document prior to posting but it doesn't mention about creating a CSR, or am I misunderstanding?

Thanks

Reply
0 Kudos
GeoffN
Enthusiast
Enthusiast
‎09-22-2013 09:44 AM

I my case I used OpenSSL to convert an existing wildcard cert (*.domain.com) we had to pem format and used that.

If you need to generate a csr request, you should be able to that with Openssl, here is an example:

Apache SSL CSR Creation - OpenSSL Apache CSR

Good luck, I wish VMware would build a nice tool tool to make putting certs onto the various products they have easier.

Reply
admin
Immortal
Immortal
‎09-30-2013 02:15 PM

You have a good point here, we are now keeping track of this request internally for future releases. For the moment, GeoffN method is recommended.

Reply
0 Kudos
guru05
Enthusiast
Enthusiast
‎11-04-2013 09:37 AM

Does it have to be a wildcard cert? What if you just want to do a cert for gateway.yourcompanyname.com? Is that ok or would that break things?

Reply
0 Kudos
TSher
Enthusiast
Enthusiast
‎11-05-2013 01:46 AM

Hi,  My understanding is it doesn't have to be a Wildcard certificate.  In my case I just find it easier as the one wild card certificate I bought covers all my servers, Workspace, View, VCenter, Windows, Access Manager etc....

Thanks,

Reply
0 Kudos
admin
Immortal
Immortal
‎11-05-2013 02:27 AM

Indeed. The name being used and set in CN/SAN should be containing any FQDN being contacted by the clients (e.g. horizon.example.com, connector.example.com).  As Ther says, a wildcard cert is commonly found given that it can be used in any SSL implementation throughout a company, giving more freedom among things. The savings would be consistent after installing it on 2/3+ servers (that means, almost always).

Reply
0 Kudos
guru05
Enthusiast
Enthusiast
‎11-07-2013 12:43 PM

Oh Boy! So we got an SSL cert for gateway.company.com. I installed it on configurator.companyname.com ; it didnt accept the cert as the chain wasn't right. ( I had the primary, secondary, and the ssl certificate)

Next I used the method provided by GeoffN; I installed the primary and secondary certs on all VMs. This time the configurator.companyname.com accepted the cert and it all worked out.

But so far the cert isnt showing up on gateway.companyname.com

I got the SSL cert from RapidSSL.com; any idea of what I could be doing wrong ?

Thank you

Reply
0 Kudos
admin
Immortal
Immortal
‎11-08-2013 11:58 AM

Hey Guru,

I believe we've got to a point where you should raise a SR with VMware and get appropriate attention from a dedicate engineer.  But please keep us posted on how it goes and please paste here your resolution once fixed, as the forums are a wonderful resources for others as well. Thanks!!!

Reply
0 Kudos