To replace a default HTML Access Agent certificate with a CA-signed certificate, you must import the CA-signed certificate into the Windows local computer certificate store. Perform this procedure on each remote desktop where the HTML Access Agent is installed.
- Verify that the HTML Access Agent is installed on the remote desktop.
- Verify that the CA-signed certificate was copied to the remote desktop.
- Verify that the Certificate snap-in was added to MMC. See Add the Certificate Snap-In to MMC on a Remote Desktop.
- In the MMC window on the remote desktop, expand the Certificates (Local Computer) node and select the Personal folder.
- In the Actions pane, go to .
- In the Certificate Import wizard, click Next and browse to the location where the certificate is stored.
- Select the certificate file and click Open.
To display your certificate file type, you can select its file format from the File name drop-down menu.
- Type the password for the private key that is included in the certificate file.
- Select Mark this key as exportable.
- Select Include all extendable properties.
- Click Next and click Finish.
The new certificate appears in thefolder.
- Verify that the new certificate contains a private key.
- In the folder, double-click the new certificate.
- In the General tab of the Certificate Information dialog box, verify that the following statement appears: You have a private key that corresponds to this certificate.
What to do next
If necessary, import the root certificate and intermediate certificates into the Windows certificate store. See Import Root and Intermediate Certificates for the HTML Access Agent.
Configure the appropriate registry key with the certificate thumbprint. See Set the Certificate Thumbprint in the Windows Registry.