Configure VMware View 6 Self-Signed Certificate with Smart Card

This is to explain how to Configure VMware View 6.2 with a Self-Signed Certificate using a Smart Card as Authentication mechanism.

I had a problem and here I am sharing how it was resolved.

– VMware view 6.2

– A Stand alone Connection server in place configured with default installed Certificate “I removed it later”.

– Smart Card with Local Domain Controller CA Certificate.

I had to create a New self-Signed certificate in my Connection server using IIS “you have to change the default port of IIS otherwise it will conflict with connection server page

Above vdm should be small not CAPS!!!!

It should have its private key with it:

After creation I exported it from the personal store with the private key , placed in trusted root:

My Connection server looks green

Although it is self-signed , this is because I modified the “CertificateRevocationCheckType ” as per this KB

Set the “Required” option to make sure you are using only Smart Card:

Till this point if you authenticate with your Smart Card you will have this error:

Smart card or certificate authentication is required.

So go ahead and Export your Local Domain CA Root & Intermediate Certificates , Follow this KB up , the purpose of this KB is to let Connection Server Store recognize your Domain CA certificate.

I launched View Horizon windows client, I entered the Smart Card PIN , but I got this error:

Error: An SSL error occurred.

This means the Smart Card is authenticated via the connection server but there’s something wrong with the certificate or the process itself.

Above we created the locked.propoerties

Open it with notepad , you will find only the below lines:

trustKeyfile=lonqa.key

trustStoretype=JKS

useCertAuth=true

I modified it as per this KB and this Ref , so it looked like:

trustKeyfile=lonqa.key
trustStoretype=JKS
useCertAuth=true
secureProtocols.1=SSLv3
secureProtocols.2=TLSv1
enabledCipherSuite.1=SSL_RSA_WITH_RC4_128_MD5
enabledCipherSuite.2=SSL_RSA_WITH_RC4_128_SHA
enabledCipherSuite.3=TLS_RSA_WITH_AES_128_CBC_SHA
enabledCipherSuite.4=TLS_DHE_RSA_WITH_AES_128_CBC_SHA
enabledCipherSuite.5=TLS_DHE_DSS_WITH_AES_128_CBC_SHA
enabledCipherSuite.6=SSL_RSA_WITH_3DES_EDE_CBC_SHA
enabledCipherSuite.7=SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
enabledCipherSuite.8=SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
enabledCipherSuite.9=TLS_RSA_WITH_AES_256_CBC_SHA
enabledCipherSuite.10=TLS_DHE_RSA_WITH_AES_256_CBC_SHA
enabledCipherSuite.11=TLS_DHE_DSS_WITH_AES_256_CBC_SHA

Enjoy !!!

Advertisements

About Ahmad Sabry ElGendi

https://www.linkedin.com/pub/ahmad-elgendi/94/223/559
This entry was posted in Vmware. Bookmark the permalink.

One Response to Configure VMware View 6 Self-Signed Certificate with Smart Card

  1. Virtual Surfer says:

    Thanks a lot for this post

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s