Configuring SSL Certificates for View Servers
You can configure SSL certificates for authentication of View Connection Server instances, security servers, and View Transfer Server instances.
A default SSL server certificate is generated when you install View Connection Server instances, security servers, or View Transfer Server instances. You can use the default certificate for testing purposes.
Replace the default certificate as soon as possible. The default certificate is not signed by a Certificate Authority (CA). Use of certificates that are not signed by a CA can allow untrusted parties to intercept traffic by masquerading as your server.
If you configure smart card authentication in VMware View, client-facing View Connection Server instances and security servers require a root CA certificate in addition to an SSL server certificate.
You can request an SSL server certificate that is specific to a web domain such as www.mycorp.com. or you can request a wildcard SSL server certificate that can be used throughout a domain such as *.mycorp.com. To simplify administration, you might choose to request a wildcard certificate if you need to install
the certificate on multiple servers or in different subdomains. It is more usual to use domain-specific certificates in secure installations, and CAs usually guarantee more protection against losses for domain-specific certificates than for wildcard certificates. If you use a wildcard certificate, you need to ensure that the private key is transferrable between servers.
When you replace the default certificate with your own certificate, clients use your certificate to authenticate the server. If your certificate is signed by a CA, the certificate for the CA itself is typically embedded in the browser or is located in a trusted database that the client can access. After a client accepts the certificate, it responds by sending a secret key, which is encrypted with the public key contained in the certificate. The secret key is used to encrypt traffic between the client and the server.
You follow different procedures to configure certificates for use with View Connection Server and security server than you do for View Transfer Server. In addition, you can configure different levels of SSL security checking in View Client for Windows.