Offline root CA, Horizon View and Revocation check issues
It happens that you log on to your environment and that the dashboard is red, all certificate signed servers are red. This happened to me this morning, returned to a project at a customer and logging on to the VMware Horizon View dashboard all servers coloured red. Investigating the debug log (copy the file before you can open it) showed that the revocation check failed.
At first I was baffled as it had been working fine for days already, the only thing we changed was that we added VMware NSX to the backend.. how can that be intrusive 😉 . It was not of any importance to the issue, the real problem was a configuration fault, very simple but very annoying when you don’t expect it. Let me explain.
Offline root
We run a internal Microsoft CA and we run a rootCA and a intermediateCA. The rootCA is offline for security reasons so the intermediate is the one doing all the work. Because of the root being offline the revocation check is not possible when it is expired, the root CA is handling this and he or she is offline not able to renew.
Read the entire article here, Offline root CA, Horizon View and Revocation check issues
via Rob Beekmans.net
White Papers
‘All You Need to Know About Microsoft Windows Nano Server’ Veeam White Paper
Now updated for Windows Server 2016 GA release! You probably heard about Windows Nano Server already … but what is it exactly, and how do you get started with it? What value will it bring to your environment? Nano Server is a headless, 64-bit only deployment option for Windows Server 2016. Microsoft created this component specifically with […]
Share this:
‘The Citrix Administrator’s Guide to Citrix ICA/HDX’ White Paper
‘The Technical Guide to Migrating from Citrix 6.5 to 7.x and Replacing EdgeSight’ White Paper
Complete Guide to Understanding the Citrix Logon Process
‘Securing IGEL OS Endpoints’ White Paper
‘Managing Java Application Performance in a Citrix Environment’ White Paper