VMware True SSO – Export and import of the Enrollment Service Client Certificate

Release date: December 13th 2020

Welcome to my VMware True SSO (single sign-on) series. In this sub-section I will describe how I exported the Enrollment Service Client certifcate from my VMware Horizon Connection Server and imported this on my Enrollment server. This is a basic export and import routine done with the Certificate MMC.

I log in on my Connection Server and launch the Certificates MMC, export the certificate from the VMware Horizon Certificates\Certificates folder

I won’t be exporting the private key for this certificate

I select a location and filename, Next…

I can now proceed with copying the certificate to my Enrollment server and importing the above exported certificate. In the Certificates MMC, I select Import on the VMware Horizon View Enrollment Server Trusted Roots folder

I select the certificate-file I copied from my Connection Server, Next…

I right-click the imported certificate and add a friendly name such as vdm.ec (Enrollment Client certificate)

My next step will be to configure SAML Authentication on my Connection Server and configure True SSO in WS One Access , this I have covered here: Connection Server and WS One Access configuration for True SSO

My VMware True SSO Lab Set Up

VMware Horizon (2006) documentation: Setting Up True SSO

VMware Workspace ONE and VMware Horizon Reference Architecture

Disclaimer: Every tips/tricks/posting I have published here, is tried and tested in different it-solutions. It is not guaranteed to work everywhere, but is meant as a tip for other users out there. Remember, Google is your friend and don’t be afraid to steal with pride! Feel free to comment below as needed.

%d bloggers like this: