VMware View Certificate Stuff

VMware View does work with self-signed certificates, but it will always nag you with a warning on the admin interface.
to replace it with another certificate, the following reqiurements must apply:

-the appropriate root cert must be installed
-the private key must be exportable
-a CRL URI must be included
-the friendly name must be ‘vdm’ (can be set after installing it)

to create a CSR (Certificate Signing Request), use this template and save it as request.inf:

;----------------- request.inf -----------------

Signature="$Windows NT$"


Subject = "CN=View_Server_FQDN, OU=Organizational_Unit_Name, O=Organization_Name, L=City_Name, S=State_Name, C=Country_Name" ; replace attributes in this line using example below
KeySpec = 1
KeyLength = 2048
; Can be 2048, 4096, 8192, or 16384.
; Larger key sizes are more secure, but have
; a greater impact on performance.
Exportable = TRUE
MachineKeySet = TRUE
SMIME = False
PrivateKeyArchive = FALSE
UserProtected = FALSE
UseExistingKeySet = FALSE
ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
ProviderType = 12
RequestType = PKCS10
KeyUsage = 0xa0


OID= ; this is for Server Authentication


; SAN="dns=FQDN_you_require&dns=other_FQDN_you_require"

To generate the CSR file, run the command:
certreq -new request.inf certreq.txt
use the certreq.txt to create the certificate with a CA of your choice

import it with MMC or the following command:
certreq -accept cert.cer
give it the friendly name ‘vdm’ (and remove vdm from the old cert)

This entry was posted in VMware and tagged , . Bookmark the permalink.