In Part 2 of this series I will be switching the Connection & Security Servers default SSL certificates to trusted SSL certificates. Once you obtain the replacement certificates the swap is very simple and easy! You can jump to Part 3 if you are just testing View in your environment and have no care if the certificate is valid.
![VMware Horizon View 7: Apply SSL Certificates [Part 2]_virtual desktop](https://i1.wp.com/www.virtuallyboring.com/wp-content/uploads/2016/04/Add-SSL-Cert-fo-View-1-Untrusted-Certificated.png?ssl=1)
vBoring Blog Series:
Untrusted / Invalid Certificate:
![VMware Horizon View 7: Apply SSL Certificates [Part 2]_virtual desktop_02](https://i2.wp.com/www.virtuallyboring.com/wp-content/uploads/2016/04/Add-SSL-Cert-fo-View-1-Bad-Cert.png?ssl=1){kind=small}
On the View Administrator Console the Connection and Security Servers will have a red square stating it has a Invalid and Untrusted Certificate. To resolve this you will need to create a signed certificate from an internal or external CA. For your Connection Servers you can use a internal certificate but for Security Servers you need to use a outside trusted CA. I used StartSSL.com to create a wildcard certificate for my domain and will be using it. To read more about creating your certificates check out the VMware document: Scenarios for Setting Up SSL Certificates for View. It says for Horizon View 6 but it carries over to Horizon View 7.
Changing Certificate on Connection/Security Servers:
The process for updating the certificate is the same on the Connection and Security Servers. Once you have the certificate(s) we need to import into the Windows Certficiate store. Login to your Connection/Security Server, open MMC.exe -> File -> Add/Remove Snap-in… -> Select Certificates -> Add:
![VMware Horizon View 7: Apply SSL Certificates [Part 2]_virtual desktop_03](https://i1.wp.com/www.virtuallyboring.com/wp-content/uploads/2016/04/Add-SSL-Cert-fo-View-2-MMC-Certificates.png?ssl=1)
Select Computer Account then click Next:
![VMware Horizon View 7: Apply SSL Certificates [Part 2]_virtual desktop_04](https://i1.wp.com/www.virtuallyboring.com/wp-content/uploads/2016/04/Add-SSL-Cert-fo-View-3-MMC-Certificates-Computer-Account.png?ssl=1)
Drill down to Certificates/Personal/Certificates. Under the Friendly Name column find the one that says vdm. Right click and go to Properties:
![VMware Horizon View 7: Apply SSL Certificates [Part 2]_virtual desktop_05](https://i2.wp.com/www.virtuallyboring.com/wp-content/uploads/2016/04/Add-SSL-Cert-fo-View-4-Properties.png?ssl=1)
We are going to rename the friendly name. Add a -original to the end then click Apply/Ok:
![VMware Horizon View 7: Apply SSL Certificates [Part 2]_virtual desktop_06](https://i0.wp.com/www.virtuallyboring.com/wp-content/uploads/2016/04/Add-SSL-Cert-fo-View-5-Rename-Friendly-Name.png?ssl=1)
Now the Friendly Name is changed (vdm-original) right click in the white area, hover to All Tasks -> Import:
![VMware Horizon View 7: Apply SSL Certificates [Part 2]_virtual desktop_07](https://i2.wp.com/www.virtuallyboring.com/wp-content/uploads/2016/04/Add-SSL-Cert-fo-View-6-Import-Certificate.png?ssl=1)
Go through the Import Wizard and import the certificate you wish to use. Ensure you check the box that says “Mark this key as exportable“. If that box is not checked then the certificate will not work.
![VMware Horizon View 7: Apply SSL Certificates [Part 2]_virtual desktop_08](https://i2.wp.com/www.virtuallyboring.com/wp-content/uploads/2016/04/Add-SSL-Cert-fo-View-6-1-Mark-Key-as-Exportable.png?ssl=1)
Now the certificate is imported right click it and go to Properties:
![VMware Horizon View 7: Apply SSL Certificates [Part 2]_virtual desktop_09](https://i2.wp.com/www.virtuallyboring.com/wp-content/uploads/2016/04/Add-SSL-Cert-fo-View-7-Properties-on-Imported-Certificate.png?ssl=1)
Change the friendly name to vdm then click Apply/Ok:
![VMware Horizon View 7: Apply SSL Certificates [Part 2]_virtual desktop_10](https://i0.wp.com/www.virtuallyboring.com/wp-content/uploads/2016/04/Add-SSL-Cert-fo-View-8-Rename-as-VDM.png?ssl=1)
You can restart the View services but I found it easier to just reboot the server and let everything come up clean.
![VMware Horizon View 7: Apply SSL Certificates [Part 2]_virtual desktop_11](https://i0.wp.com/www.virtuallyboring.com/wp-content/uploads/2016/04/Add-SSL-Cert-fo-View-9-Restart-Connection-Server-Service.png?ssl=1)
Once rebooted and services are started open your browser and go to the Administrator Console. You will notice it is using the new certificate!
![VMware Horizon View 7: Apply SSL Certificates [Part 2]_virtual desktop_12](https://i1.wp.com/www.virtuallyboring.com/wp-content/uploads/2016/04/Add-SSL-Cert-fo-View-10-Certificate-is-now-Green.png?ssl=1)
On the Dashboard screen both Connection Server/Security Server will no longer have a red square as the certificate is now valid:
![VMware Horizon View 7: Apply SSL Certificates [Part 2]_virtual desktop_13](https://i2.wp.com/www.virtuallyboring.com/wp-content/uploads/2016/04/Add-SSL-Cert-fo-View-11-All-Green-Dashboard.png?ssl=1){kind=small}
Proceed to the next step:
