You can configure the certificate checking mode for end users. For example, you can configure that full verification is always performed. Certificate checking occurs for TLS connections between a server and Horizon Client.

You can configure one of the following certificate verification strategies for end users.

  • End users are allowed to select the certificate checking mode in Horizon Client.

  • (No verification) No certificate checks are performed.

  • (Warn) If the server presents a self-signed certificate, end users are warned. Users can determine whether to allow this type of connection.

  • (Full security) Full verification is performed and connections that do not pass full verification are rejected.

For information about the types of certificate checks that can be performed, see Setting the Certificate Checking Mode in Horizon Client.

To set the default certificate checking mode, set the view.sslVerificationMode key in the /etc/vmware/view-mandatory-config file on the Linux client to one of the following values.

  • 1 implements Full Verification.

  • 2 implements Warn If the Connection May Be Insecure.

  • 3 implements No Verification Performed.

To configure the certificate checking mode so that end users cannot change it, set the view.allowSslVerificationMode property to "False" in the /etc/vmware/view-mandatory-config file on the client system. See Horizon Client Configuration Settings and Command-Line Options.