Wildcard Should be a better Option as the Certificates get issued to the Computer and using it on the parent might not help.Wildcard is a good approach
i had the same problem. I changed the certificate on some VM's issued by our PKI. But.... if i connect to the Desktop i see that the URL for the connection contains the IP-Address from the VM and so i get an certifcate error because the certificate was issued to the machinename. So i think certificates issued with wildcards does not work for you.
Please let me know if i am wrong.
Any Dns Issues ??
I believe you are correct that the Blast connection is made using the IP address assigned to the View Desktop. When I looked at the URL, it seems to attempt to use the IP Address. I was just curious if anyone has managed to find a work around that tells it to use the DNS name instead?
Right after adding to this thread asking about this, I noticed there is a GPO setting ""Connect using DNS Name" that can be applied to force the Blast connection to use DNS instead of IP. With that being said, a wildcard cert added to the linked clone source VM and configured to be used for Blast should work.
Reference the following KB for information on the GPO:
Reference the Horizon HTML Access docs for information on how to change the cert on the linked clone source VM. (Section titled: Configure HTML Access Agents to Use New SSL Certificates)
If you are using View 6.1 (as I am) then you have to do this differently because that GPO setting has been removed. Reference the bottom of the page on following online 6.1 doc:
Exact procedure listed here:
I haven't tried this myself yet but I will in the next few days and try to report my results.
This setting does not appear to have any impact on how the HTML Access client connects. The web browser still attempts to connect to the VM using an IP address rather than DNS name. I have a ticket open with VMware on this issue, but haven't made any progress.
I'm looking into this as well. Any updates from support?