User manual
Table Of Contents
- Using VMware Horizon Client for Mac
- Contents
- Using VMware Horizon Client for Mac
- Setup and Installation
- System Requirements for Mac Clients
- System Requirements for Real-Time Audio-Video
- Smart Card Authentication Requirements
- Touch ID Authentication Requirements
- Requirements for URL Content Redirection
- Supported Desktop Operating Systems
- Preparing Connection Server for Horizon Client
- Install Horizon Client on Mac
- Upgrade Horizon Client Online
- Add Horizon Client to Your Dock
- Configuring Certificate Checking for End Users
- Configure Advanced TLS/SSL Options
- Configuring Log File Collection Values
- Configure VMware Blast Options
- Horizon Client Data Collected by VMware
- Using URIs to Configure Horizon Client
- Managing Remote Desktop and Application Connections
- Connect to a Remote Desktop or Application
- Setting the Certificate Checking Mode for Horizon Client
- Configure Horizon Client to Select a Smart Card Certificate
- Share Access to Local Folders and Drives
- Clicking URL Links That Open Outside of Horizon Client
- Open a Recent Remote Desktop or Application
- Connecting to a Server When Horizon Client Starts
- Configure Horizon Client to Forget the Server User Name and Domain
- Hide the VMware Horizon Client Window
- Configure Keyboard Shortcut Mappings
- Configure Mouse Shortcut Mappings
- Configure Horizon Client Shortcuts
- Searching for Desktops or Applications
- Select a Favorite Remote Desktop or Application
- Switch Desktops or Applications
- Log Off or Disconnect
- Using a Touch Bar with Horizon Client
- Autoconnect to a Remote Desktop
- Configure Reconnect Behavior for Remote Applications
- Removing a Server Shortcut from the Home Screen
- Reordering Shortcuts
- Using a Microsoft Windows Desktop or Application on a Mac
- Feature Support Matrix for Mac
- Internationalization
- Monitors and Screen Resolution
- Using Exclusive Mode
- Connect USB Devices
- Using the Real-Time Audio-Video Feature for Webcams and Microphones
- Copying and Pasting Text and Images
- Using Remote Applications
- Saving Documents in a Remote Application
- Printing from a Remote Desktop or Application
- PCoIP Client-Side Image Cache
- Troubleshooting Horizon Client
- Index
Setting the Certificate Checking Mode for Horizon Client
Administrators and sometimes end users can congure whether client connections are rejected if any or
some server certicate checks fail.
Certicate checking occurs for SSL connections between Connection Server and Horizon Client. Certicate
verication includes the following checks:
n
Is the certicate intended for a purpose other than verifying the identity of the sender and encrypting
server communications? That is, is it the correct type of certicate?
n
Has the certicate expired, or is it valid only in the future? That is, is the certicate valid according to
the computer clock?
n
Does the common name on the certicate match the host name of the server that sends it? A mismatch
can occur if a load balancer redirects Horizon Client to a server that has a certicate that does not match
the host name entered in Horizon Client. Another reason a mismatch can occur is if you enter an IP
address rather than a host name in the client.
n
Is the certicate signed by an unknown or untrusted certicate authority (CA)? Self-signed certicates
are one type of untrusted CA.
To pass this check, the certicate's chain of trust must be rooted in the device's local certicate store.
N For information about distributing a self-signed root certicate and installing it on Mac client
systems, see the Advanced Server Administration document for the Mac Server that you are using, which is
available from the Apple Web site.
In addition to presenting a server certicate, Connection Server also sends a certicate thumbprint to
Horizon Client. The thumbprint is a hash of the certicate public key and is used as an abbreviation of the
public key. If Connection Server does not send a thumbprint, you see a warning that the connection is
untrusted.
If your administrator has allowed it, you can set the certicate checking mode. Select VMware Horizon
Client > Preferences from the menu bar. You have three choices:
n
Never connect to untrusted servers. If any of the certicate checks fails, the client cannot connect to the
server. An error message lists the checks that failed.
n
Warn before connecting to untrusted servers. If a certicate check fails because the server uses a self-
signed certicate, you can click Continue to ignore the warning. For self-signed certicates, the
certicate name is not required to match the server name you entered in Horizon Client.
n
Do not verify server identity . This seing means that no certicate checking occurs.
If the certicate checking mode is set to Warn, you can still connect to a Connection Server instance that uses
a self-signed certicate.
If an administrator later installs a security certicate from a trusted certicate authority, so that all certicate
checks pass when you connect, this trusted connection is remembered for that specic server. In the future,
if that server ever presents a self-signed certicate again, the connection fails. After a particular server
presents a fully veriable certicate, it must always do so.
Chapter 3 Managing Remote Desktop and Application Connections
VMware, Inc. 29