Import a Signed Certificate by Using Certreq

When you have a signed certificate from a CA, you can import the certificate into the Windows local computer certificate store on the Horizon 8 server host.

If you used the certreq utility to generate a CSR, the certificate private key is local to the server on which you generated the CSR. To work correctly, the certificate must be combined with the private key. Use the certreq command shown in this procedure to ensure that the certificate and private key are properly combined and imported into the Windows certificate store.

If you use another method to obtain a signed certificate from a CA, you can use the Certificate Import wizard in the Microsoft Management Console (MMC) Snap-in to import a certificate into the Windows certificate store. This method is described in "Configuring TLS Certificates for Horizon 8 Servers" in the Horizon Installation and Upgrade document.

Prerequisites

Verify that you received a signed certificate from a CA. See Generate a CSR and Request a Signed Certificate from a CA.
Perform the certreq operation described in this procedure on the computer on which you generated a CSR and stored the signed certificate.

Procedure

Open a command prompt by right-clicking on Command Prompt in the Start menu and selecting Run as administrator.
Navigate to the directory where you saved the signed certificate file such as cert.cer.
For example: cd c:\certificates
Import the signed certificate by running the certreq -accept command.
For example: certreq -accept cert.cer

Results

The certificate is imported into the Windows local computer certificate store.

What to do next

Configure the imported certificate to be used by a Horizon 8 server. See Set Up an Imported Certificate for a Horizon 8 Server.