You can set up trusted CA-Signed SSL server certificate to ensure that traffic between clients and desktops is not fraudulent.

Prerequisites

  • Replace the default self-signed SSL server certificate with a trusted CA-signed SSL server certificate. See Replacing the Default Self-Signed SSL Server Certificate. This creates a certificate that has the Friendly Name value vdm.

  • If the client's static content is served by the desktop, set up static content delivery. See Set Up Static Content Delivery.

  • Familiarize yourself with the Windows Certificate Store. See "Configure View Connection Server, Security Server, or View Composer to Use a New SSL Certificate" in the View Installation document.

Procedure

  1. In the Windows Certificate Store, navigate to Personal > Certificates.
  2. Double-click the certificate with Friendly Name vdm.
  3. Click on the Details tab.
  4. Copy the Thumbprint value.
  5. Start the Windows Registry Editor.
  6. Navigate to the registry key HKEY_LOCAL_MACHINE\SOFTWARE\VMware, Inc.\VMware Blast\Config.
  7. Add a new String (REG_SZ) value, SslHash, to this registry key.
  8. Set the SslHash value to the Thumbprint value.