Certificates are always fun… or should I say PITA? Whatever… During a small Horizon View PoC, I noticed an error message for the View Connection Server.
That’s right, Mr. Connection Server. The certificate subject name does not match the servers external URL, as this screenshot clearly shows.
But both settings are unused, because a VMware Access Point appliance is in place. If I remove the certificate, that was issued from a public certificate authority, I get an error message because of an invalid, self signed certificate.
I want to use the certificate on the Horizon View Connection Server, but I also want to get rid of the error message, caused by the wrong subject name. The customer uses split DNS, so he is using the same URL internally and externally, and the certificate uses the external URL as subject name.
Change the URLs
The solution is easy:
- Enable the checkboxes for the Secure Tunnel connection and the Blast Secure Gateway
- Change the hostname to the name, that matches the subject name of the certificate
- Uncheck the checkboxes again, and apply the settings
After a couple of secons, and a refresh of the dashboard, the error for the Connection Server should be gone.
- Escaping special characters in proxy auth passwords in vCenter - October 8, 2021
- On the road to… nowhere? - July 26, 2021
- Configure VMware Horizon View client device certificate authentication - March 11, 2021