VMware Horizon View SSL Errors on Upgrade
After upgrading my VMware Horizon View 7 deployment to VMware Horizon View 7.0.1 I was receiving the following errors in the C:\ProgramData\VMware\VDM\logs log files.
KeyVault CertOpenStore FAILED for store=VMware Horizon View Certificates, error=19 (The media is write protected.)
Unable to open certificate store VMware Horizon View Certificates: 19 (The media is write protected.)
[BrokerSSLSocketFactory] Failed to create Broker Certificate Failed to get thumbprints: Add self-signed certificate: Unable to open certificate store VMware Horizon View Certificates: 19 (The media is write protected.) – ErrorCode = 19
[JMXServer] Could not instantiate the Ice Server Mbean
This is the location for the VMware Horizon View log files. I was unable to access the console so could not check it for errors. Basically the security server that is built in to the Connection Server when using this simple deployment could not load the SSL certificates that I had installed for VMware Horizon View.
I initially made sure that my certificate still had ‘vdm’ as the friendly name, this is required to specify the certificate to use for VMware Horizon View.
Then I found a few VMware KB’s that referenced VMware Horizon View 5.1 that said this may be due to the config files in C:\Program Files\VMware\VMware View\Server\sslgateway\conf so I tried removing these and this was also unsuccessful.
So as a last point of troubleshooting I removed the VMware Horizon View Connection Server in Control Panel. This does not actually store the configuration for VMware Horizon View. The configuration information is stored in the AD LDS Instance as you can see below called AD LDS Instance VMware VDMDS. Make sure you DO NOT remove this if you want to keep your existing configuration.
You will now need to proceed to the setup as normal, you may need to re-enable HTML access via the installer. You will be prompted with the following message when setting this up –
If you want to keep your existing configuration you need to select OK here. After rebooting the server at the end of the setup I was pleased to find this had resolved the issue! You will now be able to log back in to the console and as you can see my deployment was still in place.