To import an internal root CA certificate on a Windows host, you export the certificate from your Horizon FLEX server and import it to the Windows computer.

Become familiar with how to install and use the MMC Certificates snap-in on a Windows system. For more information, go to the Windows TechNet Web site at http://technet.microsoft.com.

Obtain and install an internal CA certificate. You can use the Windows MMC Certificates snap-in to request a certificate.

Install Windows IIS.

1

Export the root CA certificate from your Horizon FLEX server.

a

On the Horizon FLEX server, start MMC (mmc.exe), add the Certificates snap-in for a computer account, and manage certificates for the local computer.

b

Select File > Add/Remove Snap-in.

c

Click the Certificates snap-in and click Add.

d

On the Certificates snap-in display, select Computer account and click Next.

This setting is required by the Horizon FLEX server.

e

Select Local Computer and click Finish and then OK.

f

In the left navigation pane, expand Certificates (Local Computer).

g

Right-click on Trusted Root Certification Authorities and select All Tasks > Import.

The Certificate Import Wizard opens.

h

Click Next.

i

Browse for the root certificate file and click Next.

j

Select Place all certificates in the following store: Trusted Root Certification Authorities and click Next, then click Finish.

k

Navigate to Trusted Root Certification Authorities > Certificates.

l

Select and export the root CA certificate.

Export the certificate in DER-encoded binary X.509 (.CER) format.

2

Copy the root CA certificate to the Windows computer.

3

Import the root CA certificate to the Windows computer.

a

On the Windows computer, start MMC (mmc.exe).

b

Add the Certificates snap-in for the computer account and manage certificates for the local computer.

c

Import the root CA certificate into Trusted Root Certification Authorities > Certificates.

The root CA certificate is now trusted for all users.