VMware View does work with self-signed certificates, but it will always nag you with a warning on the admin interface.
to replace it with another certificate, the following reqiurements must apply:
-the appropriate root cert must be installed
-the private key must be exportable
-a CRL URI must be included
-the friendly name must be ‘vdm’ (can be set after installing it)
to create a CSR (Certificate Signing Request), use this template and save it as request.inf:
;----------------- request.inf -----------------
[Version]
Signature="$Windows NT$"
[NewRequest]
Subject = "CN=View_Server_FQDN, OU=Organizational_Unit_Name, O=Organization_Name, L=City_Name, S=State_Name, C=Country_Name" ; replace attributes in this line using example below
KeySpec = 1
KeyLength = 2048
; Can be 2048, 4096, 8192, or 16384.
; Larger key sizes are more secure, but have
; a greater impact on performance.
Exportable = TRUE
MachineKeySet = TRUE
SMIME = False
PrivateKeyArchive = FALSE
UserProtected = FALSE
UseExistingKeySet = FALSE
ProviderName = "Microsoft RSA SChannel Cryptographic Provider"
ProviderType = 12
RequestType = PKCS10
KeyUsage = 0xa0
[EnhancedKeyUsageExtension]
OID=1.3.6.1.5.5.7.3.1 ; this is for Server Authentication
[RequestAttributes]
; SAN="dns=FQDN_you_require&dns=other_FQDN_you_require"
;-----------------------------------------------
To generate the CSR file, run the command:
certreq -new request.inf certreq.txt
use the certreq.txt to create the certificate with a CA of your choice
import it with MMC or the following command:
certreq -accept cert.cer
give it the friendly name ‘vdm’ (and remove vdm from the old cert)