You must add the root certificate for all trusted users to a server truststore file so that View Connection Server instances and security servers can authenticate smart card users and connect them to their View desktops.

Obtain the root certificate from the CA that signed the certificates on the smart cards presented by your users. See Obtain the Root Certificate from the CA.

Verify that the keytool utility is added to the system path on your View Connection Server or security server host. See the VMware View Installation document for more information.

1

On your View Connection Server or security server host, use the keytool utility to import the root certificate into the server truststore file.

For example: keytool -import -alias alias -file root_certificate -keystore truststorefile.key

In this command, alias is a unique case-insensitive name for a new entry in the truststore file, root_certificate is the root certificate that you obtained or exported, and truststorefile.key is the name of the truststore file that you are adding the root certificate to. If the file does not exist, it is created in the current directory.

Note

The keytool utility might prompt you to create a password for the truststore file. You will be asked to provide this password if you need to add additional certificates to the truststore file at a later time.

2

Copy the truststore file to the SSL gateway configuration folder on the View Connection Server or security server host.

For example: install_directory\VMware\VMware View\Server\sslgateway\conf\truststorefile.key

Modify View Connection Server configuration properties to enable smart card authentication.