To import a self-signed certificate on a Mac host, you export the certificate from your Horizon FLEX server and import it to the Mac.

Prerequisites

  • Become familiar with how to install and use the MMC Certificates snap-in on a Windows system. For more information, go to the Windows TechNet Web site at http://technet.microsoft.com.

  • Become familiar with how to use Keychain Access on a Mac. For more information, go to the Apple Support Web site at http://support.apple.com.

  • Install Windows IIS.

Procedure

  1. Export the self-signed certificate from your Horizon FLEX server.
    1. On the Horizon FLEX server, start MMC (mmc.exe), add the Certificates snap-in for a computer account, and manage certificates for the local computer.
    2. Select File > Add/Remove Snap-in.
    3. Click the Certificates snap-in and click Add.
    4. On the Certificates snap-in display, select Computer account and click Next.

      This setting is required by the Horizon FLEX server.

    5. Select Local Computer and click Finish and then OK.
    6. In the left navigation pane, expand Certificates (Local Computer).
    7. Right-click on Trusted Root Certification Authorities and select All Tasks > Import.

      The Certificate Import Wizard opens.

    8. Click Next.
    9. Browse for the root certificate file and click Next.
    10. Select Place all certificates in the following store: Trusted Root Certification Authorities and click Next, then click Finish.
    11. Navigate to Trusted Root Certification Authorities > Certificates.
    12. Select and export the self-signed certificate.

      Export the certificate in DER-encoded binary X.509 (.CER) format.

  2. Copy the self-signed certificate to the Mac.
  3. Import the self-signed certificate on the Mac.
    1. Double-click the self-signed certificate to open it in Keychain Access.

      The self-signed certificate appears in login.

    2. Copy the self-signed certificate to System.

      You must copy the certificate to System to ensure that it is trusted by all users and local system processes, including the virtual machine (vmware-vmx) processes in Fusion Pro.

    3. Open the self-signed certificate in System, expand Trust, select Use System Default, and save your changes.
    4. Reopen the self-signed certificate in System, expand Trust, select Always Trust, and save your changes.
    5. Delete the self-signed certificate from login.

Results

The self-signed certificate is now trusted for all users.