Update VMware Horizon View SSL Certs with your own Windows Domain CA Certificates using PowerShell

Well, this script was different. Unlike the other posts in this series, I was required to use only Microsoft command line tools instead of OpenSSL. Not that I’m opposed to using certreq and certutil — I actually started this whole cert automation project to see if it was possible to use only these tools and PowerShell, but ultimately it appeared that for whatever crypto reason, OpenSSL was required for the replacement of vSphere SSL certs.

So it was especially surprising to me that no matter how I imported/exported the OpenSSL generated keys, nothing worked until I used certreq and certutil. If anyone knows the reasons, I’d love to hear them.

ReplaceSSL-View.ps1 backs up the old certificate found in your Machine Certificate Store, adds a new one with the proper FriendlyName “vdm” and restarts all View services.

Download ReplaceSSL-View.ps1

All SSL Certificate Replacement Posts and Scripts in this Series

vSphere 4.1-5.0 SSL Generation and Replacement Post Script
vSphere 5.1 SSL Generation and Replacement Post Script
ESX Certificate Generation and Upload Post Script
NetApp Virtual Storage Console SSL Generation and Replacement Post Script
Site Recovery Manager SSL Generation and Replacement Post Script
VMware View Composer SSL Generation and Replacement Post Script
VMware Horizon View SSL Generation and Replacement Post Script

Chrissy is a PowerShell MVP who has worked in IT for nearly 20 years, and currently serves as a Sr. Database Engineer in Belgium. Always an avid scripter, she attended the Monad session at Microsoft’s Professional Developers Conference in Los Angeles back in 2005 and has worked and played with PowerShell ever since. Chrissy is currently pursuing an MS in Systems Engineering at Regis University and helps maintain RealCajunRecipes.com in her spare time. She holds a number of certifications, including those relating to SQL Server, SuSE Linux, SharePoint and network security. She recently became co-lead of the SQL PASS PowerShell Virtual Chapter. You can follow her on Twitter at @cl.

Posted in PowerShell, Security, VMware
One comment on “Update VMware Horizon View SSL Certs with your own Windows Domain CA Certificates using PowerShell
  1. Adam says:

    Just a note, I was manually updating certs for Horizon View a few weeks ago and went through a CA upgrade and migration because of it.

    One of the recommendations I saw and took advantage of was to disable remote certificate approval for webserver certs so that not just any joe blow can get a request approved automatically.

    I know that the scripts aren’t going to account for that potential, but it threw me off a little bit when I went to upgrade VSC on my vCenter box.

    Again, thank you for the scripts. They’re appreciated.

Leave a Reply

Your email address will not be published. Required fields are marked *

*