To import an internal root CA certificate on a Windows host, you export the certificate from your Horizon FLEX server and import it to the Windows computer.

Prerequisites

  • Become familiar with how to install and use the MMC Certificates snap-in on a Windows system. For more information, go to the Windows TechNet Web site at http://technet.microsoft.com.

  • Obtain and install an internal CA certificate. You can use the Windows MMC Certificates snap-in to request a certificate.

  • Install Windows IIS.

Procedure

  1. Export the root CA certificate from your Horizon FLEX server.
    1. On the Horizon FLEX server, start MMC (mmc.exe), add the Certificates snap-in for a computer account, and manage certificates for the local computer.
    2. Select File > Add/Remove Snap-in.
    3. Click the Certificates snap-in and click Add.
    4. On the Certificates snap-in display, select Computer account and click Next.

      This setting is required by the Horizon FLEX server.

    5. Select Local Computer and click Finish and then OK.
    6. In the left navigation pane, expand Certificates (Local Computer).
    7. Right-click on Trusted Root Certification Authorities and select All Tasks > Import.

      The Certificate Import Wizard opens.

    8. Click Next.
    9. Browse for the root certificate file and click Next.
    10. Select Place all certificates in the following store: Trusted Root Certification Authorities and click Next, then click Finish.
    11. Navigate to Trusted Root Certification Authorities > Certificates.
    12. Select and export the root CA certificate.

      Export the certificate in DER-encoded binary X.509 (.CER) format.

  2. Copy the root CA certificate to the Windows computer.
  3. Import the root CA certificate to the Windows computer.
    1. On the Windows computer, start MMC (mmc.exe).
    2. Add the Certificates snap-in for the computer account and manage certificates for the local computer.
    3. Import the root CA certificate into Trusted Root Certification Authorities > Certificates.

Results

The root CA certificate is now trusted for all users.