Once upon a time, applying SSL certificates was a complicated and drawn out procedure. Now, depending on the application and environment, installation has become much easier.
Unfortunately, that doesn’t necessarily apply to VMware View.
Prior to version 5.1, the cert process was mostly command line with a variety of utilities to generate the CSR as well as export the private key. With 5.1, I have found the easiest and most direct way to do this is using the latest version of IIS (Internet Information Services), either from a Windows 2008 or Windows 2012 server.
VMware View typically has two major components that require an SSL certificate from a CA (Certificate Authority):
- The connection server that processes client connection
- The security server that authenticates as well as tunnels the secure connections between the connection server and security server
Below is a step-by-step guide on how to generate the certificate request, apply the certificate, export the private key and, finally, import the certificate into the local computer personal certificate store on the connection server as well as the security server. Please keep in mind that you will need a wildcard certificate from a CA so that you can apply to both servers.
How to apply SSL Certificates in VMware View 5.1:
- Open up IIS on your Windows 2008 or Windows 2012 server. It’s critical that you generate the request as well as commit the certificate on the same server within IIS.
- Generate the CSR and provide required details for your organization.
- Save the file.
- Send the file to your CA (Go Daddy, Network Solutions, etc.)
- Once the cert is received, complete the pending request.
Now that the cert is ready, let’s convert the file to PFX, which will allow a private key as well as a public key.
How to convert to PFX:
- Copy the PFX file to your Connection and Security server
- Please note that the below steps will be the same for both Windows 2008 and Windows 2012 servers.
- Open up a MMC and add the certificate snap-in. Ensure you open the computer store.
- Open up the personal certificate container and select import.
- Import the PFX file you copied earlier.
- Go to the properties of the certificate and add the friendly name of “vdm.” This is what tells VMware View that this is, in fact, the certificate to use and enforce.
BOOM. You now have a SSL certificate applied to your connections. Remember to restart your View connection service on the connection server as well as the security service on the security server.
Image (cc) jeff_golden via Flickr