Security-related settings are provided in Horizon LDAP under the object path cn=common,ou=global,ou=properties,dc=vdi,dc=vmware,dc=int. You can use the ADSI Edit utility to change the value of these settings on a connection broker instance. The change propagates automatically to all other connection broker instances in a group.
Name-value pair | Description |
---|---|
keysize | The attribute is pae-MSGSecOptions . When the message security mode is set to Enhanced, TLS is used to secure JMS connections rather than using per-message encryption. In enhanced message security mode, validation applies to only one message type.
For enhanced message mode, VMware recommends a key size of 2048 bits.
|
Auto-renew self-signed certificates
You can set the number of days before certificate expiry to auto-renew self-signed certificates with the pae-managedCertificateAdvanceRollOver
attribute.
Specify a value to replace the self-signed certificate with a future or pending certificate within the specified number of days prior to the current certificate expiration.
By default this value is not set. The valid range is 1-90.