Updating the certificates on a VMware Horizon Connection Server manually involves a few steps to ensure the new certificates are properly installed and the system continues to operate securely. Below is a detailed guide on how to perform this process:
Prerequisites
Obtain updated server and intermediate certificates from the Certificate Authority Server.
Verify that the Certificate snap-in was added to MMC on the Windows Server on which the Horizon Connection Server instance was installed.
Procedure
Login to Horizon Connection Server & Import the signed TLS server certificate into the Windows local computer certificate store.
Run certlm.msc. Or run mmc, add the Certificates snap-in, and point it to Computer > Local Machine.
In the MMC window, expand Certificates (Local Computer).
Right-click Personal > All Tasks > Import.
Follow the wizard to import the .pfx file. You'll be prompted for the certificate password (if applicable).
Select Mark this key as exportable.
Click Next and click Finish.
Ensure the certificate appears in the Personal store and the certificate chain is complete.
Delete the certificate which is present with the friendly name, vdm, from the old certificate that was issued to the VMware Horizon 8 server.
Right-click the old certificate and click Properties
On the General tab, rename the Friendly name text to vdm_old.
Check "Disable all purpose for this certificate"
Then add the certificate Friendly name, vdm, to the newly certificate that is replacing the previous certificate.
Right-click the new certificate and click Properties
On the General tab, in the Friendly name field, type vdm.
Click Apply and click OK.
If intermediate certificates are issued to a Horizon Connection Server host, import the most recent update to the intermediate certificates into the Certificates (Local Computer) > Intermediate Certification Authorities > Certificates folder in the Windows certificate store.
Restart the VMware Horizon Connection Server service to make your changes take effect.
Comentários