The PSG identifies the TLS certificate to use by means of the server name and certificate Friendly name. You must set the Friendly name value in the Windows registry on the Connection Server computer on which the PSG is running.

The certificate Friendly name vdm is used by all Connection Server instances. By contrast, you can configure your own certificate Friendly name for the PSG certificate. You must configure a Windows registry setting to enable the PSG to match the correct name with the Friendly name that you will set in the Windows certificate store.

The PSG can use the same TLS certificate as the server on which the PSG is running. If you configure the PSG to use the same certificate as the server, the Friendly name must be vdm.

The Friendly name value, in both the registry and the Windows certificate store, is case sensitive.

Prerequisites

Procedure

  1. Start the Windows Registry Editor on the Connection Server computer where the PCoIP Secure Gateway is running.
  2. Navigate to the HKEY_LOCAL_MACHINE\SOFTWARE\Teradici\SecurityGateway registry key.
  3. Add a new String (REG_SZ) value, SSLCertWinCertFriendlyName, to this registry key.
  4. Modify the SSLCertWinCertFriendlyName value and type the certificate Friendly name to be used by the PSG.
    For example: pcoip
    If you use the same certificate as the server, the value must be vdm.
  5. Restart the VMware Horizon PCoIP Secure Gateway service to make your changes take effect.

What to do next

Verify that client devices continue to connect to the PSG.

If you are using a security scanner for compliance testing, scan the PSG port.