To enable smart card authentication, you must modify Connection Server configuration properties on your Connection Server.


Add the CA (certificate authority) certificates for all trusted user certificates to a server truststore file. These certificates include root certificates and can include intermediate certificates if the user's smart card certificate was issued by an intermediate certificate authority.


  1. Create or edit the file in the TLS/SSL gateway configuration folder on the Connection Server host.
    For example: install_directory\VMware\VMware View\Server\sslgateway\conf\
  2. Add the trustKeyfile, trustStoretype, and useCertAuth properties to the file.
    1. Set trustKeyfile to the name of your truststore file.
    2. Set trustStoretype to jks.
    3. Set useCertAuth to true to enable certificate authentication.
  3. Restart the Connection Server service to make your changes take effect.

Example: File

The file shown specifies that the root certificate for all trusted users is located in the file lonqa.key, sets the trust store type to jks, and enables certificate authentication.


What to do next

If you configured smart card authentication for a Connection Server instance, configure smart card authentication settings in Horizon Console.