Updating SSL certificates on View Connection servers

While playing with SSL certs on View servers I found one of my Connection servers would start all of its services, but not start listening on 443.

Note that netstat can be used to determine if something listening on 443:

C:Usersadministrator>netstat -ano |find "443"
 TCP 0.0.0.0:443 0.0.0.0:0 LISTENING 3096
 TCP 0.0.0.0:8443 0.0.0.0:0 LISTENING 3320
 TCP [::]:443 [::]:0 LISTENING 3096
 TCP [::1]:443 [::1]:56154 ESTABLISHED 3096
 TCP [::1]:443 [::1]:56155 ESTABLISHED 3096
 TCP [::1]:56154 [::1]:443 ESTABLISHED 4188
 TCP [::1]:56155 [::1]:443 ESTABLISHED 4188

Digging around in the View log I found:

ERROR (0DFC-0FBC) <Thread-1> [u] Couldn't create SSL socket factory for preferred protocol TLSv1.1: Private key is not exportable

Turns out, when you import the SSL cert you need to remember to check the “Mark this key as exportable” option:

ViewSSL

 

Or you’ll run into this problem.  To resolve find the certificate in Certificates (Local Computer)PersonalCertification, delete the old one and re-import.

ViewSSL2

This entry was posted in Computing, Virtualization, VMware and tagged , , , , . Bookmark the permalink.

One Response to Updating SSL certificates on View Connection servers

  1. Pingback: Updating SSL certificates on View Connection servers (SOS tech) | VMware News

Leave a Reply