To change the global acceptance and proposal policies for security protocols and cipher suites, you use the ADSI Edit utility to edit Horizon LDAP attributes.

Note: The pae-ServerSSLSecureProtocols and pae-ClientSSLSecureProtocols do not exist until you create them yourself.

Prerequisites

Procedure

  1. Start the ADSI Edit utility on your Connection Server computer.
  2. In the console tree, select Connect to.
  3. In the Select or type a Distinguished Name or Naming Context text box, enter the distinguished name DC=vdi, DC=vmware, DC=int.
  4. In the Select or type a domain or server text box, select or enter localhost:389 or the fully qualified domain name (FQDN) of the Connection Server computer followed by port 389.
    For example: localhost:389 or mycomputer.mydomain.com:389
  5. Expand the ADSI Edit tree, expand OU=Properties, select OU=Global, and select CN=Common in the right pane.
  6. On the object CN=Common, OU=Global, OU=Properties, select each attribute that you want to change and enter the new list of security protocols or cipher suites.
  7. Restart the Windows service VMware Horizon Security Gateway Component on each Connection Server instance if you modified pae-ServerSSLSecureProtocols.
    You do not need to restart any service after modifying pae-ClientSSLSecureProtocols.