By default, the Horizon Agent for Linux installer generates a self-signed certificate for the VMwareBlastServer daemon, which handles communications with clients using the Blast display protocol. To comply with industry or security regulations, you can replace the self-signed certificate for VMwareBlastServer with a certificate that is signed by a Certificate Authority (CA).
- When the Blast Security Gateway is not enabled on the Horizon Connection Server, VMwareBlastServer presents the default self-signed certificate to the browser that uses HTML Access to connect to the Linux desktop.
- When the Blast Security Gateway is enabled on the Horizon Connection Server, the Blast Security Gateway presents its certificate to the browser.
To replace the default self-signed certificate for VMwareBlastServer with a CA-signed certificate, complete the following steps.