Deploying SSL for VMware View 5.1 Connection/Security Servers
Certificate installation & administration has always been a challenging task to perform on VMware products. This article will outline the steps needed to perform this in a relatively quick manner using a surrogate server to create the certificate. We will then export the certificate from the surrogate and import it into the Connection/Security Server.
1. In "Server Manager", on the surrogate server, add the "Web Server (IIS)" role.
2. Uncheck all options with the exception of the "IIS Management Console". Install the roll, then drill down to the "Server Certificates" icon within the roll.
3. On the right side of the console, select "Create Certificate Request" and fill the form in with your information. On the next screen, choose a bit length of 2048. On the final screen, name the request to your liking.
4. Have the generated request signed by a third party, then choose "Complete Certificate Request". Choose the .cer you received from the authority and be sure to give it the friendly name "vdm".
5. Next, right click on the newly created certificate and choose export. Choose a location to export the pfx to and assign it a password.
6. Copy the pfx file to your View Connection/Security Server, then open the Certificate MMC:
- Start -> Run -> mmc.exe
- Choose File -> Add or Remove Snap-Ins
- Select Certificates and Click Add
- Choose the "Computer account" radio button
- Choose Finish then OK
Right click on Personal -> Certificates and go to All Tasks -> Import.
7. Import your pfx file using using the password you secured it with. Make sure you select the "Mark this key exportable."
8. You can then delete the original self-signed cert, exit the MMC, and restart the VMware View Security/Connection Server service.