Horizon 2212 New Feature Connection Server Certificate Management
One of the latest enhancements in Horizon View Connection Server is the capability to manage certificates directly from the Horizon View administrative console. Furthermore, you can monitor the certificate status. With the necessary permissions within the administrative console, you can take advantage of this new feature. Lets take a look at where this feature is located and how to use it.
Importing and Generating a CSR
Once you logon to your connection server administrative console navigate to Settings>Certificate Management
As you can see I currently have a self signed certificate.
I’ve logged into the connection server as an Administrator but I do not have the ability to manage the certificates yet! Let’s fix that. Navigate to Settings>Administrators>Role Privileges> Add
I’m going to add the required new role Manage Certificates and name it Certificate_Management Next click OK
Now we need to add this new role to the to whatever group you would like to manage the certificates. Settings>Administrators and Groups> Add Permissions next select the newly created Certificate_Management role and lick Finish. After this is complete you are now able to generate a CSR and Import Certificates. (the buttons will now be available to click on)
In the example below this is a CSR request. If you plan to use this certificate with other Horizon Connection Servers please put their FQDN’s in the Subject Alternative Names section.
If you plan to use the method of generating a CSR through the windows GUI. You can follow this VMware KB to generate certificates using the windows GUI. Generating a certificate template and generating/renewing certificate for Horizon connection server (80314)Once you complete the steps in the KB you can import the PFX file generated in the screenshot below.
It is important to note that after you import the certificate. You also have to remove the friendly name VDM of the old certificate on each server. Then make sure you modify your new certificate with the friendly name VDM and restart the VMware Horizon View Security Gateway Component.
View Certificate security Configuration from the Horizon Administrative Console
Settings>Global Settings>Security Settings> View Security Configurations