VMware Horizon SSL/TLS CSR Certificate Directions

VMware Horizon SSL/TLS CSR Certificate Directions

1. Using RDP Login to the first Horizon Connection Server.
2. Right Click the Windows Start Menu and click Run.
3. Type MMC into the Open box and press OK.
4. Go to File -> Add/Remove Snap-in
   1. Under Available snap-ins select certificates and press Add to add to the selected snap-ins
   2. Select Computer account and press next
   3. Leave defaults and press finish
   4. Press Ok
5. Open the Certificates tree by pressing the carrot ^
   1. Navigate to Personal -> Certificates
6. On the right side you should see all of your computer certificates
   1. Notice the certificate that has the friendly name “vdm” this is the current certificate that is being used by Horizon
   2. You can either Right click and select all tasks -> renew certificate (If this is the certificate you want to renew.) or you can carry on with requesting a new certificate.
   3. Right Click this certificate and click properties
   4. Change the friendly name to vdm-old and press OK
   5. Note – This will unassign the certificate from Horizon
7. Right click on certificates in the left column and navigate to All Tasks -> Request New Certificate
   1. Click Next
   2. Click Next
   3. You should now see your certificate template that for Horizon
      1. Under the horizon template click “More information is required to enroll for this certificate.. Click here to configure settings”
      2. Under Subject Name change type to Common Name
         1. The value is your FQDN of connection server 1. Ex. Hzncon-01.example.com
         2. Press Add

• Under Alternative Name Change type to DNS
  1. Please enter FQDN again and press add
  2. Change type to IP address (v4) and enter the IP of the connection server and press add.

1. Under the General Tab
   1. Type vdm for the friendly name
   2. Press ok
2. Select your template that we just configured and press enroll

8. You should now see your certificate with the friendly name vdm.
9. Click the Windows Start Menu and type in services and press enter.
   1. Navigate to VMware Horizon View Connection Server services and restart the service.
   2. This will disconnect ALL current sessions.
   3. Wait approximately 5 – 10 minutes for the services to come back up fully.
10. Open a Web Browser and navigate to the first Horizon Connection Server Web Portal. On the left side of the search bar there is either a lock icon or a settings icon. Both of which should be in a happy state. Clicking on either of these will show “Connection is Secure” Clicking on the box will take you to another location where you can view the certificate.
11. You should now see the common name that we entered earlier and which CA issued your certificate. If you check under the validity period you will see when the certificate was issued and when it will expire. Always keep note of this!
12. Repeat all previous steps for each Horizon Connection Server.