If you want to set up your SSL Certificate on a view connection server and security gateway, here is a simple setup process.
View Connection Server and Security Gateway SSL Certificate Install
- Add this (C:\Program Files\Vmware\Vmware View\Server\jre\bin) to the system path.
- Then create your CSR. To make one, you can go to websites that provide key tools that you can execute to provide you with a CSR and a Java Keystore (JKS).
- Save your CSR and JKS on your hard drive and use it to get your SSL Certificate from the SSL certificate provider of your choice.
- Go to the certificate authority of your choice and submit your CSR to get your SSL certificate. Save your SSL Certificate also on your hard drive for safekeeping.
- Now that all the three necessary files are in your possession, you can now carry out this command:
keytool -import -alias server -trustcacerts -file <filename>.p7s -keystore <filename>.jks
*You should get this message after executing the command:
“Certificate reply was installed in keystore”
- Now, to make the View Connection Server use your SSL certificate, add the <filename>.jks file onto your web server directory – C:\Program Files\Vmware\VMware View\Server\sslgateway\conf\.
- Next, using your notepad, create a file called locked.properties. Input the following in your notepad file to create this locked.properties file:
keyfile=<name of keyfile>
- Restart the View Connection Server Service for the setup to take effect.
Note: Using Your SSL Certificate and Private Key
You can also use your on hand SSL Certificate and Private Key to install SSL certificates on your View Connection Server. Just make sure that you have the Private Key as this is required in the installation process.
Depending on the type of SSL certification format that you have, you have to follow different configuration paths to make your SSL certificate work.
- If you have a PKCS#12 signed by a root CA, you can use your on hand PKCS#12 file in configuring your View Connection Server to utilize the certificate.
- If you have a PKCS#12 signed by an intermediate CA, you have to import your PKCS#12 keystore into a JKS format before you can use it to configure your View Connection Server to employ your certificate.
- If you have an existing JKS file, you can bring it into play to configure your View Connection Server to apply your SSL Certificate.
- If you have a PEM format, you should contact your certificate provider to determine how you can import your PEM format into a JJKS format before using it on your View Connection Server configuration.
Determining the Certificate File Type
If you cannot determine which type of certificate file that you have, you can figure it out by doing the following steps:
- Use the ‘certutil’ utility: look for your PKCS#12 file on your directory.
- Execute the ‘certutil’ directive and provide your PFX password.
- Scan for the description of your file format (Signature, Root Certificate, and Intermediate Certificate).
After you have determined the type of your certificate, you can now install your certificate and wait for some time (a few minutes) for the setup to take effect.