Hi,
Background:
- In a lab I have created a new certificate from Windows CA and imported it into my Connection server. I followed this great guide btw:
http://www.derekseaman.com/2013/03/vmware-horizon-view-52-install-part-2.html very easy.
- I also needed to create a new certificate template to support VMware from this guide http://www.derekseaman.com/2012/09/create-vmware-windows-ca-certificate.html
- I have now a working certificate when for View administrator web admin tool
- Also HTML access with blast client is working with my trusted certificate
Issue:
But I'm struggling with understanding how to get "Windows CA created certificates" working when connecting with other than HTML client.
- Can I just export the certifcate from personal store on Connection server and later import it into GPO, so that all clients in the domain will get the certifcate?
- And what format does that certificate need to be in? (do I need to include the keys?)
- This document http://www.vmware.com/pdf/horizon-view/horizon-view-html-access-document.pdf states that I also need to have certifcates on all View desktops. but I can connect with browser succesfully with trusted certificate and HTML Blast client?!
- And what certificate format does mobile clients such as IOS and Android need?
- In the View documention it states that the certificate need to be in a PKCS12 format, but I didn't need to have that get it working with blast client. do I need to have a key file also on clients?
I have tried to export the certificate from Connection server to the available formats and also published them to Enterprise PKI (NTAuth). The DNS name and FQDN name is verifed to be correct, with also the correct IP in domain DNS.
I'm missing a complete guide on how to get fully working certifcates in a lab enviroment for these scenarios. I feel the documentation is maybe a little to abstract...
Hope anyone has some answers for me. 