Sunday, August 16, 2009

HOWTO: Use existing SSL certicate for VMware Security server

Not sure if you guys have figured this out already but after lots of trial and error I did eventually figure this out.

There are some steps that the "View Manager Administration Guide" should have included but they are close. I used "View Manager 3.1" version of the document with the following changes.

The following process assumes that you have installed an internal View Connection Server and the View Security Server software on a machine in your DMZ.

-----------------------------------------------------------------------------

If you have an existing SSL certificate follow the below process:

1. Right click your SSL certificate from IIS or Windows Server using the Certificates Snap-in, select All Tasks > Export

2. On the Welcome Screen click Next

3. On the Export Private Key screen, select "Yes, export the private key", click Next

4. On the Export File Format screen, PFX will be selected, check both "Include all certificates in the certification path if possible" and "Export all extended properties" and click Next

5. Type confirm a password, click Next. (Note: You will need to remember this password for Step 10

6. Enter a name and folder path for the exported certificate, click Next

7. Click Finish.

8. Copy the exported certificate to C:\Program Files\VMware\VMware View\sslgateway\conf on your View Security Server.

9. Create or edit the file C:\Program Files\VMware\VMware View\sslgateway\conf\locked.properties

10. Add the following properties to locked.properties
keyfile=name of exported certificate from Step 6
keypass=password used in Step 5

eg.

keyfile=certificate.pfx
keypass=password

11. Restart the View Connection Service on the security server.

12. Connect to your published https://view.companyname.com and enjoy the wonder of virtual desktops.

No comments: