You can use properties in the setting-list section to configure application settings. All the properties are optional.

Property Description
screen_scaling Configures display scaling. Valid values are "1/2", "2/3", "3/4", "Auto-fit", or "No Scaling".
screen_resolution Configures the screen resolution. Valid values are "1024*768", "1280*1024", "1600*1200", "Auto-fit", or "No Scaling".
enable_log Activates or deactivates the log collection feature. Valid values are "true" or "false".
send_log_email The email address, for example, "[email protected]", to send log files. This email address appears in the To: field by default when a user uses the log collection feature. See Manually Retrieve and Send Horizon Client Log Files.
all_monitor Activates or deactivates multiple-monitor mode. Valid values are "true" or "false".
default_startscreen Configures the Horizon Client default view. Valid values are "recent" or "servers".
ssl_tls Configures the security protocol, or protocols, that Horizon Client uses. Valid values are "tlsv1.1", "tlsv1.2", or "tlsv1.1,tlsv1.2". If you specify this property without a valid value, "tlsv1.1,tlsv1.2" is used.
ssl_cipher_string Specifies the default TLS cipher control string.
security_mode Configures the certificate checking mode. Valid values are "verify", "warn", or "don't verify".
enable_h264 Activates or deactivates H.264 decoding. Valid values are "true" or "false".
enable_dpi_sync Activates or deactivates the DPI synchronization feature. Valid values are "true" or "false".
camera Specifies whether to use the front or back camera on the device. Valid values are "front" or "rear".
enable_unauthenticated_access Activates or deactivates the Unauthenticated Access feature. Valid values are "true" or "false".
check_signature

Specifies whether to run a verification check of the APK signature when users start Horizon Client. Valid values are "true" or "false".

If you do not specify this property, the value defaults to "true".

  • If you set the property to "true" but do not set the signatures property, the verification check compares the APK signature with the signature of the official VMware certificate.
  • If you set the property to "true" and also set the signatures property, the verification check compares the APK signature with the digest values specified in the signatures property.
signatures Specifies the array of custom signatures to compare the APK signature with when the check_signature property is set to "true". For each signature object in the array, you must specify values for algorithm and digest.
algorithm Specifies one or more hash algorithms used to generate the digest value of a custom signature. Valid values are "MD5", "SHA-1", and "SHA-256".
digest Specifies the digest value generated for a custom signature by a given hash algorithm.
enable_common_criteria_mode Set to "true" to enable Common Criteria Mode on the client.
Note: Do not set to "true" for Chromebook and x86 / x86-64 Android devices as they do not support Common Criteria Mode.
certificate_revocation_check Specifies the certificate revocation status check mode. There are three options:
  • strict - will not connect to servers when the certificate is revoked or unable to determine revocation status
  • normal - will not connect to servers when the certificate is revoked
  • ignore - will not check certificate revocation status
ssl_signature_algorithms Configure Signature Algorithms Extension in the Client Hello message of the TLS handshake.
ssl_supported_groups Configure Supported Groups Extension in the Client Hello message of the TLS handshake.
protocol_certificate_checking_mode The protocol (now only for Blast) certificate checking mode. There are four options:
  • thumbprint - only verify the thumbprint of the certificate
  • thumbprint or pki -verification will be successful if the thumbprint or the PKI is valid
  • pki and thumbprint - verification will be successful if both of the thumbprint and the PKI are valid
  • pki - only verify the PKI of the certificate
Note:

If CC Mode is enabled, set this option to pki and thumbprint or pki.

The following JSON configuration file example includes application properties in the setting-list section.

{
  "broker_list":
  {
    "settings": 
    {
      "server-list":
      [
        {"server":"123.456.1.1","description":"View Server 1","username":"User1","domain":"TestDomain1"},
        {"server":"123.456.1.2","description":"View Server 2","username":"User2","domain":"TestDomain2"}, 
        {"server":"123.456.1.3","description":"View Server 3","username":"User3","domain":"TestDomain3"}, 
        {"server":"viewserver4.mydomain.com","description":"View Server 4","username":"User4","domain":"TestDomain4"}
      ],
      "setting-list": 
      {
        "screen_resolution":"1024*768",
        "send_log_email":"[email protected]",
        "enable_h264":"true",
        "all_monitor":"true",
        "default_startscreen":"recent",
        "ssl_cipher_string":"!aNULL:kECDH+AESGCM:ECDH+AESGCM:RSA+AESGCM:kECDH+AES:ECDH+AES:RSA+AES",
        "ssl_tls":"tlsv1.1,tlsv1.2",
        "security_mode":"verify",
        "camera":"front",
        "enable_dpi_sync":"true",
        "enable_log":"false",
        "enable_unauthenticated_access":"true",
        "check_signature":"true",
        "signatures":   
        [
          {"algorithm":"MD5", "digest":"a0642affc522006584c00b8b3e6444e3"},
          {"algorithm":"SHA-1", "digest":"75e7603e5e619ead7e7ad1d18f9280473b133956"},
          {"algorithm":"SHA-256", "digest":"cc782f6be1975ac1ce959c3031300195e78297222ecf8bff7b27601c41fc3a85"}
        ],
        "enable_common_criteria_mode":"false",
        "certificate_revocation_check":"normal",
        "ssl_signature_algorithms":"RSA+SHA256",
        "ssl_supported_groups":"secp256r1",
        "protocol_certificate_checking_mode":"thumbprint or pki"
      }
    }
  }
}