You can edit View LDAP on Connection Server to configure a timeout for generating certificates and whether to enable load balancing certificate requests between enrollment server (recommended).
To change the advanced configuration settings, you must use ADSI Edit on a Connection Server host. You can connect by typing in the distinguished name DC=vdi, DC=vmware, DC=int as the connection point, and typing in the server name and port for the computer localhost:389. Expand OU=Properties, select OU=Global, and double-click CN=Common in the right pane.
You can then edit the pae-NameValuePair attribute to add one or more of the values listed in the following table. You must use the syntax name=value when adding values.
Registry Key | Description |
---|---|
cs-view-certsso-enable-es-loadbalance=[true|false] | Specifies whether to enable load balancing CSR requests between two enrollment servers. The default is false. For example, add cs-view-certsso-enable-es-loadbalance=true to enable load balancing so that when certificate requests arrive, the connection server will use alternate enrollment servers,. Each enrollment server can service the requests using the local CA, if you have the enrollment server and CA on the same host. |
cs-view-certsso-certgen-timeout-sec=number | Amount of time to wait for generating a certificate after receiving a CSR, in seconds. The default is 35. |