若要支援 HTML Access,您必須在以 Linux 為基礎的桌面平台上安裝 Apache Tomcat、nginx 套件和 HTML Access warball。請遵循本文所述適用於您 Linux 發行版的程序來進行。
備註: 執行
Horizon Agent 2111 或更新版本的 Linux 桌面平台上支援 Horizon Agent Direct-Connection 外掛程式。
為 Ubuntu/Debian 桌面平台設定 HTML Access
- 安裝 Apache Tomcat 軟體。
- 對於 Debian 12.x,請安裝 Tomcat 10。
sudo apt-get install tomcat10
- 對於其他 Debian 版本和 Ubuntu,請安裝 Tomcat 9。
sudo apt-get install tomcat9
- 對於 Debian 12.x,請安裝 Tomcat 10。
- 安裝 nginx 套件。
sudo apt-get install nginx
- 編輯 /etc/nginx/conf.d/vmwvadc.conf 組態檔案,使其包含以下內容。
server { listen 443 ssl; listen [::]:443 ssl; ###Enable https ssl_certificate /etc/vmware/ssl/rui.crt; ssl_certificate_key /etc/vmware/ssl/rui.key; ssl_protocols TLSv1.1 TLSv1.2; ssl_ciphers !aNULL:kECDH+AESGCM:ECDH+AESGCM:RSA+AESGCM:kECDH+AES:ECDH+AES:RSA+AES; access_log /var/log/nginx/nginx.vadc.access.log; error_log /var/log/nginx/nginx.vadc.error.log; ###Add security settings proxy_cookie_path / "/; SameSite=Lax; HTTPOnly; Secure"; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; add_header X-XSS-Protection "1; mode=block"; ###Enable user certificate(smartcard) authentication #ssl_verify_client optional; #ssl_client_certificate /etc/vmware/ssl/trustCerts.pem; location /broker { ###Forward user certificate #proxy_hide_header SSL-CLIENT-VERIFY; #proxy_hide_header X-SSL-CERT; #proxy_set_header SSL-CLIENT-VERIFY $ssl_client_verify; #proxy_set_header X-SSL-CERT $ssl_client_cert; proxy_pass https://localhost:8443; proxy_ssl_certificate /etc/vmware/ssl/rui.crt; proxy_ssl_certificate_key /etc/vmware/ssl/rui.key; proxy_set_header Host $host:$server_port; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } ###Enable Web Client location /portal/webclient { proxy_pass http://localhost:8080/portal/webclient; proxy_redirect http://$host:$server_port/ https://$host:$server_port/; proxy_set_header Host $host:$server_port; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; add_header Content-Security-Policy "default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' data:;style-src 'self' 'unsafe-inline';font-src 'self' data:;img-src 'self' data: blob:;media-src 'self' blob:;connect-src 'self' wss:;frame-src 'self' blob:;child-src 'self' blob:;object-src 'self' blob:;frame-ancestors 'self'"; } location =/ { rewrite / /portal/webclient; } } - 從 VMware 下載頁面 https://my.vmware.com/web/vmware/downloads 下載 Horizon HTML Access portal.war zip 檔案。
導覽至您 VMware Horizon 版本的下載頁面。檔案名稱為 VMware-Horizon-View-HTML-Access-YYMM-y.y.y-xxxxxx.zip,其中 YYMM 是行銷版本號碼,y.y.y 是內部版本號碼,而 xxxxxx 是組建編號。
- 部署 HTML Access warball。
- 對於 Debian 12.x,請執行下列命令。
#To get portal.war unzip VMware-Horizon-View-HTML-Access-YYMM-y.y.y-xxxxxx.zip cp portal.war /var/lib/tomcat10/webapps chown tomcat: /var/lib/tomcat10/webapps/portal.war chmod 755 /var/lib/tomcat10/webapps/portal.war cp -r /var/lib/tomcat10/webapps/portal /var/lib/tomcat10/webapps/ROOT/
- 對於其他 Debian 版本和 Ubuntu,請執行下列命令。
#To get portal.war unzip VMware-Horizon-View-HTML-Access-YYMM-y.y.y-xxxxxx.zip cp portal.war /var/lib/tomcat9/webapps chmod 755 /var/lib/tomcat9/webapps/portal.war
- 對於 Debian 12.x,請執行下列命令。
- 重新啟動機器以使變更生效。
為 RHEL/CentOS 桌面平台設定 HTML Access
- 安裝和設定 Tomcat 軟體。
- (僅限 RHEL 8.x) 在安裝 Tomcat 之前,請安裝最新的 Extra Packages for Enterprise Linux (EPEL) 版本。
yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
- 安裝 Tomcat,並為 Tomcat 設定安全增強式 Linux (SELinux) 設定。
sudo yum install tomcat /usr/lib/vmware/viewagent/vadc/tomcat_selinux.sh
- (僅限 RHEL 8.x) 在安裝 Tomcat 之前,請安裝最新的 Extra Packages for Enterprise Linux (EPEL) 版本。
- 安裝 nginx 套件。
- (僅限 RHEL/CentOS 7.x) 在安裝 nginx 之前,請安裝最新的 EPEL 版本。
yum install epel-release
- 安裝 nginx 套件。
yum install nginx
- (僅限 RHEL/CentOS 7.x) 在安裝 nginx 之前,請安裝最新的 EPEL 版本。
- 編輯 /etc/nginx/conf.d/vmwvadc.conf 組態檔案,使其包含以下內容。
server { listen 443 ssl; listen [::]:443 ssl; ###Enable https ssl_certificate /etc/vmware/ssl/rui.crt; ssl_certificate_key /etc/vmware/ssl/rui.key; ssl_protocols TLSv1.1 TLSv1.2; ssl_ciphers !aNULL:kECDH+AESGCM:ECDH+AESGCM:RSA+AESGCM:kECDH+AES:ECDH+AES:RSA+AES; access_log /var/log/nginx/nginx.vadc.access.log; error_log /var/log/nginx/nginx.vadc.error.log; ###Add security settings proxy_cookie_path / "/; SameSite=Lax; HTTPOnly; Secure"; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; add_header X-XSS-Protection "1; mode=block"; ###Enable user certificate(smartcard) authentication #ssl_verify_client optional; #ssl_client_certificate /etc/vmware/ssl/trustCerts.pem; location /broker { ###Forward user certificate #proxy_hide_header SSL-CLIENT-VERIFY; #proxy_hide_header X-SSL-CERT; #proxy_set_header SSL-CLIENT-VERIFY $ssl_client_verify; #proxy_set_header X-SSL-CERT $ssl_client_cert; proxy_pass https://localhost:8443; proxy_ssl_certificate /etc/vmware/ssl/rui.crt; proxy_ssl_certificate_key /etc/vmware/ssl/rui.key; proxy_set_header Host $host:$server_port; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } ###Enable Web Client location /portal/webclient { proxy_pass http://localhost:8080/portal/webclient; proxy_redirect http://$host:$server_port/ https://$host:$server_port/; proxy_set_header Host $host:$server_port; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; add_header Content-Security-Policy "default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' data:;style-src 'self' 'unsafe-inline';font-src 'self' data:;img-src 'self' data: blob:;media-src 'self' blob:;connect-src 'self' wss:;frame-src 'self' blob:;child-src 'self' blob:;object-src 'self' blob:;frame-ancestors 'self'"; } location =/ { rewrite / /portal/webclient; } } - 從 VMware 下載頁面 https://my.vmware.com/web/vmware/downloads 下載 Horizon HTML Access portal.war zip 檔案。
檔案名稱為 VMware-Horizon-View-HTML-Access-YYMM-y.y.y-xxxxxx.zip,其中 YYMM 是行銷版本號碼,y.y.y 是內部版本號碼,而 xxxxxx 是組建編號。
- 部署 HTML Access warball。
#To get portal.war unzip VMware-Horizon-View-HTML-Access-YYMM-y.y.y-xxxxxx.zip sudo cp portal.war /var/lib/tomcat/webapps/ sudo chown tomcat: /var/lib/tomcat/webapps/portal.war sudo chmod -R 750 /var/lib/tomcat/webapps/portal.war
- 重新啟動機器以使變更生效。
為 SUSE 桌面平台設定 HTML Access
- 安裝和設定 Tomcat 軟體。
以下範例顯示在 SUSE 15 SP3 機器上安裝 Tomcat 的命令順序。在第一個命令列中,將範例位址取代為您 SUSE 版本的 Java 下載 URL。
sudo zypper addrepo https://download.opensuse.org/repositories/Java:packages/SLE_15_SP3/Java:packages.repo sudo zypper refresh sudo zypper install tomcat #Link tomcat.service to /usr/libexec/tomcat/server cd /usr/ sudo ln -s lib libexec
- 安裝 nginx 套件 (如果尚未安裝到 SUSE 系統上)。
sudo zypper addrepo -G -t yum -c 'http://nginx.org/packages/sles/15' nginx wget http://nginx.org/keys/nginx_signing.key sudo rpm --import nginx_signing.key sudo zypper install nginx
- 編輯 /etc/nginx/conf.d/vmwvadc.conf 組態檔案,使其包含以下內容。
server { listen 443 ssl; listen [::]:443 ssl; ###Enable https ssl_certificate /etc/vmware/ssl/rui.crt; ssl_certificate_key /etc/vmware/ssl/rui.key; ssl_protocols TLSv1.1 TLSv1.2; ssl_ciphers !aNULL:kECDH+AESGCM:ECDH+AESGCM:RSA+AESGCM:kECDH+AES:ECDH+AES:RSA+AES; access_log /var/log/nginx/nginx.vadc.access.log; error_log /var/log/nginx/nginx.vadc.error.log; ###Add security settings proxy_cookie_path / "/; SameSite=Lax; HTTPOnly; Secure"; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; add_header X-XSS-Protection "1; mode=block"; ###Enable user certificate(smartcard) authentication #ssl_verify_client optional; #ssl_client_certificate /etc/vmware/ssl/trustCerts.pem; location /broker { ###Forward user certificate #proxy_hide_header SSL-CLIENT-VERIFY; #proxy_hide_header X-SSL-CERT; #proxy_set_header SSL-CLIENT-VERIFY $ssl_client_verify; #proxy_set_header X-SSL-CERT $ssl_client_cert; proxy_pass https://localhost:8443; proxy_ssl_certificate /etc/vmware/ssl/rui.crt; proxy_ssl_certificate_key /etc/vmware/ssl/rui.key; proxy_set_header Host $host:$server_port; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } ###Enable Web Client location /portal/webclient { proxy_pass http://localhost:8080/portal/webclient; proxy_redirect http://$host:$server_port/ https://$host:$server_port/; proxy_set_header Host $host:$server_port; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; add_header Content-Security-Policy "default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval' data:;style-src 'self' 'unsafe-inline';font-src 'self' data:;img-src 'self' data: blob:;media-src 'self' blob:;connect-src 'self' wss:;frame-src 'self' blob:;child-src 'self' blob:;object-src 'self' blob:;frame-ancestors 'self'"; } location =/ { rewrite / /portal/webclient; } } - 從 VMware 下載頁面 https://my.vmware.com/web/vmware/downloads 下載 Horizon HTML Access portal.war zip 檔案。
檔案名稱為 VMware-Horizon-View-HTML-Access-YYMM-y.y.y-xxxxxx.zip,其中 YYMM 是行銷版本號碼,y.y.y 是內部版本號碼,而 xxxxxx 是組建編號。
- 部署 HTML Access warball。
#To get portal.war unzip VMware-Horizon-View-HTML-Access-YYMM-y.y.y-xxxxxx.zip cp portal.war /usr/share/tomcat/webapps/
- 重新啟動機器以使變更生效。
