Home > Blogs > Horizon Tech Blog


SSL certs in Horizon Cloud on Azure

A while ago I wrote about Certificates and how to convert between different encodings (https://blogs.vmware.com/horizontech/2018/08/vmware-identity-manager-and-certificates.html). While the post was mainly for VMware Identity Manager customers many of VMware’s products make use of the same certificate basics.

Felix Block, @fligh_MUC, is a colleague of mine and he pointed out a couple Horizon Cloud specific requirements when it comes to certificates.. So here’s his notes on the topic.

The UAG (used to access Desktops and Apps via Internet) require during the setup a PEM encoded certificate. This certificate needs to have the private key and has to be in the following order: 

—–BEGIN RSA PRIVATE KEY—–
(Your Private Key: your_domain_name.key)
—–END RSA PRIVATE KEY—– 

—–BEGIN CERTIFICATE—–
(Your Primary SSL certificate: your_domain_name.crt)
—–END CERTIFICATE—– 

—–BEGIN CERTIFICATE—–
(Your Intermediate certificate: Intermediate.crt)
—–END CERTIFICATE—– 

—–BEGIN CERTIFICATE—–
(Your Root certificate: TrustedRoot.crt)
—–END CERTIFICATE—–

You can change the UAG certificate after your installation in the Cloud Control Plane at any time

The Smartnode in Horizon Cloud on Azure can be used for internal access to your Desktops and Apps and require the certificate and key in separate files and not as PEM encoded certificate. Using the Smartnode for internal access is optional and therefore you may not need to update the certificate.

Make sure you extract the following parts to update the Smartnode certificate

CA Certificate (.crt), SSL Certificate (.crt) and Private Key (.key)

This entry was posted in Uncategorized on by .
Peter Bjork

About Peter Bjork

Peter Bjork is a Senior Staff Architect, Technical Marketing at VMware. He specializes in Identity and Access Management. He's widely appreciated as a speaker at events like VMworld, VMUG and vFORUM. He is the author of two books as well as numerous white papers and blog posts. When the work day is over, Peter volunteers as a Scout leader for the local Sea Scout troop outside Stockholm, Sweden. Twitter: @thepeb.

Leave a Reply

Your email address will not be published. Required fields are marked *

*