Below process only outline how to replace/change certificate on Horizon View Connection Server.
For process of generating request for certificate, we can refer to this KB article. https://kb.vmware.com/s/article/2068666
- RDP into connection server. Open up mmc.exe
- Click on File->Add/Remove Snap-in.
- Select Certificate->Add. In the pop up window, select Computer Account. In the next screen, keep selecting Local Computer and then click finish. Click ok.
- Expand Certificate and then Personal folder.
- Right Click on Personal->All tasks->Import. Browse Certificate file (.pfx )
- Put you password. Make sure to select Option “Mark this key as exportable“.
- Once finish. Message will pop up that import is successful. We can see newly imported certificate under Personal->Certificate folder in mmc.
- Rename the old certificate from vdm to any other name.
- Restart the connection server or just restarting horizon service by the name ‘ VMware Horizon View Connection Server ‘ from services.msc is sufficient for new certificate to take effect.
Few things to keep in mind while changing certificate:
a) We have to make certificate change individually one by one on all connection servers.
b)If the connection server(s) is behind Access point, we have to change thumbprint of connection server VIP on Access point by logging to each Access point. It can be changed under Horizon setting in the field ‘horizon connection server URL thumbprint’.
c) We don’t have view composer. This above method is for without view composer.
Virtualization blog 