Installation and Setup Guide
Table Of Contents
- VMware Horizon Client for Linux Installation and Setup Guide
- Contents
- VMware Horizon Client for Linux Installation and Setup Guide
- System Requirements and Installation
- System Requirements for Linux Client Systems
- System Requirements for Real-Time Audio-Video
- System Requirements for Multimedia Redirection (MMR)
- Requirements for Using Flash URL Redirection
- Requirements for Using Skype for Business with Horizon Client
- Smart Card Authentication Requirements
- Supported Desktop Operating Systems
- Preparing Connection Server for Horizon Client
- Installation Options
- Install or Upgrade Horizon Client for Linux from VMware Product Downloads
- Install Horizon Client for Linux from the Ubuntu Software Center
- Configure VMware Blast Options
- Horizon Client Data Collected by VMware
- Configuring Horizon Client for End Users
- Common Configuration Settings
- Using the Horizon Client Command-Line Interface and Configuration Files
- Using URIs to Configure Horizon Client
- Configuring Certificate Checking for End Users
- Configuring Advanced TLS/SSL Options
- Configuring Specific Keys and Key Combinations to Send to the Local System
- Using FreeRDP for RDP Connections
- Enabling FIPS Compatible Mode
- Configuring the PCoIP Client-Side Image Cache
- Managing Remote Desktop and Application Connections
- Using a Microsoft Windows Desktop or Application on a Linux System
- Troubleshooting Horizon Client
- Configuring USB Redirection on the Client
- Index
n
Has the certicate expired, or is it valid only in the future? That is, is the certicate valid according to
the computer clock?
n
Does the common name on the certicate match the host name of the server that sends it? A mismatch
can occur if a load balancer redirects Horizon Client to a server that has a certicate that does not match
the host name entered in Horizon Client. Another reason a mismatch can occur is if you enter an IP
address rather than a host name in the client.
n
Is the certicate signed by an unknown or untrusted certicate authority (CA)? Self-signed certicates
are one type of untrusted CA.
To pass this check, the certicate's chain of trust must be rooted in the device's local certicate store.
N For information about distributing a self-signed root certicate that users can install on their Linux
client systems, see the Ubuntu documentation.
Horizon Client uses the PEM-formaed certicates stored in the /etc/ssl/certs directory on the client
system. For information about importing a root certicate stored in this location, see "Importing a Certicate
into the System-Wide Certicate Authority Database" in the document at
hps://help.ubuntu.com/community/OpenSSL.
In addition to presenting a server certicate, the server also sends a certicate thumbprint to Horizon Client.
The thumbprint is a hash of the certicate public key and is used as an abbreviation of the public key. If the
server does not send a thumbprint, you see a warning that the connection is untrusted.
If your Horizon administrator has allowed it, you can set the certicate checking mode. To set the certicate
checking mode, start Horizon Client and select File > Preferences from the menu bar. You have three
choices:
n
Never connect to untrusted servers. If any of the certicate checks fails, the client cannot connect to the
server. An error message lists the checks that failed.
n
Warn before connecting to untrusted servers. If a certicate check fails because the server uses a self-
signed certicate, you can click Continue to ignore the warning. For self-signed certicates, the
certicate name is not required to match the server name you entered in Horizon Client.
n
Do not verify server identity . This seing means that no certicate checking occurs.
Chapter 3 Managing Remote Desktop and Application Connections
VMware, Inc. 57