The second step in automating SSL certificate install is creating the post sysprep script/batch file and copying the certificate.

Use post build configuration script "SetupComplete.cmd "to import the SSL certificate and configure the VMware HTML Access registry (applies to Windows 7 and later).

For example:

  • Copy the SSL certificate file under C: drive. For this example, the "C:\desktone_ca_cert" file.
  • Create a file SetupComplete.cmd under "%WINDIR%\Setup\Scripts\" folder. Create "Scripts" folder if it does not exist.
  • Add following commands in SetupComplete.cmd file. The thumbprint value is what you copied above.
  • Note that if you have root certificate and intermediate certificates in the certificate chain, then you need to add appropriate CertUtil commands in batch file.
    CertUtil  -importPFX -f  -p "<password>" "C:\desktone_ca_cert.pfx"
            reg add "HKLM\SOFTWARE\VMware, Inc.\VMware Blast\Config" /f /v "SslHash" /t REG_SZ /d "31 2a 32 50 1a 0b 34 b1 65 46 13 a8 0a 5e f7 43 6e a9 2c 3e"
    del /F /Q "C:\desktone_ca_cert.pfx"
    del /F /Q "%systemroot%\setup\scripts\SetupComplete.cmd"
  • Save the SetupComplete.cmd file. You can test the SetupComplete.cmd file on test machine.