You must add root certificates to a server truststore file for all users and administrators that you trust. View Connection Server instances and security servers use this information to authenticate smart card users and administrators.
Obtain the root certificates that were used to sign the certificates on the smart cards presented by your users or administrators. See Obtain the Root Certificate from the CA and Obtain the Root Certificate from Windows.
Verify that the keytool utility is added to the system path on your View Connection Server or security server host. See the View Installation document for more information.
- On your View Connection Server or security server host, use the keytool utility to import the root certificate into the server truststore file.
For example: keytool -import -alias alias -file root_certificate -keystore truststorefile.key
In this command, alias is a unique case-sensitive name for a new entry in the truststore file, root_certificate is the root certificate that you obtained or exported, and truststorefile.key is the name of the truststore file that you are adding the root certificate to. If the file does not exist, it is created in the current directory.Note:
The keytool utility might prompt you to create a password for the truststore file. You will be asked to provide this password if you need to add additional certificates to the truststore file at a later time.
- Copy the truststore file to the SSL gateway configuration folder on the View Connection Server or security server host.
For example: install_directory\VMware\VMware View\Server\sslgateway\conf\truststorefile.key
What to do next
Modify View Connection Server configuration properties to enable smart card authentication.