Chapter 14. Managing Horizon SSL Certificates
VMware Horizon, similar to many other applications that require SSL-based encryption, installs self-signed SSL certificates by default. A self-signed certificate is one that is signed by the creator, in this case the VMware Horizon component that is being installed. While self-signed certificates do enable secure communications, by default they will not be trusted by any client or server who connects to them. An untrusted certificate leads to the familiar There is a problem with this website's security certificate message in Microsoft Internet Explorer, or the The host name in the certificate is invalid or does not match message in the VMware Horizon client.
In addition, the default self-signed SSL certificates may have a smaller key length than what is required within your organization; this is something that can only be addressed by replacing them after the installation has completed.
While it is possible to add exceptions...
