To import a self-signed certificate on a Mac host, you export the certificate from your Horizon FLEX server and import it to the Mac.
Prerequisites
-
Become familiar with how to install and use the MMC Certificates snap-in on a Windows system. For more information, go to the Windows TechNet Web site at http://technet.microsoft.com.
-
Become familiar with how to use Keychain Access on a Mac. For more information, go to the Apple Support Web site at http://support.apple.com.
-
Install Windows IIS.
Procedure
- Export the self-signed certificate from your Horizon FLEX server.
- On the Horizon FLEX server, start MMC (mmc.exe), add the Certificates snap-in for a computer account, and manage certificates for the local computer.
- Select .
- Click the Certificates snap-in and click Add.
- On the Certificates snap-in display, select Computer account and click Next.
This setting is required by the
Horizon FLEX server.
- Select Local Computer and click Finish and then OK.
- In the left navigation pane, expand Certificates (Local Computer).
- Right-click on Trusted Root Certification Authorities and select .
The Certificate Import Wizard opens.
- Click Next.
- Browse for the root certificate file and click Next.
- Select Place all certificates in the following store: Trusted Root Certification Authorities and click Next, then click Finish.
- Navigate to .
- Select and export the self-signed certificate.
Export the certificate in DER-encoded binary X.509 (.CER) format.
- Copy the self-signed certificate to the Mac.
- Import the self-signed certificate on the Mac.
- Double-click the self-signed certificate to open it in Keychain Access.
The self-signed certificate appears in
login.
- Copy the self-signed certificate to System.
You must copy the certificate to
System to ensure that it is trusted by all users and local system processes, including the virtual machine (vmware-vmx) processes in
Fusion Pro.
- Open the self-signed certificate in System, expand Trust, select Use System Default, and save your changes.
- Reopen the self-signed certificate in System, expand Trust, select Always Trust, and save your changes.
- Delete the self-signed certificate from login.
Results
The self-signed certificate is now trusted for all users.