To comply with industry or security regulations, you can replace the default SSL certificates that are generated by the HTML Access Agent with certificates that are signed by a Certificate Authority (CA).

About this task

When you install the HTML Access Agent on View desktops, the HTML Access Agent service creates default, self-signed certificates. The service presents the default certificates to browsers that use HTML Access to connect to View.


In the guest operating system on the desktop virtual machine, this service is called the VMware Blast service.

To replace the default certificates with signed certificates that you obtain from a CA, you must import a certificate into the Windows local computer certificate store on each View desktop. You must also set a registry value on each desktop that allows the HTML Access Agent to use the new certificate.

If you replace the default HTML Access Agent certificates with CA-signed certificates, VMware recommends that you configure a unique certificate on each desktop. Do not configure a CA-signed certificate on a parent virtual machine or template that you use to create a desktop pool. That approach would result in hundreds or thousands of desktops with identical certificates.