Securing the XenDesktop® to XenServer® communications

When XenDesktop is installed on XenServer, you need to secure the communications between these two. You will need to replace the default SSL certificate on XenServer.

To replace the default certificate on XenServer, perform the following steps:

  1. Log in to XenServer and get to a command prompt.
  2. Modify /etc/pki/tls/openssl.cnf as follows:
    • Uncomment the following line:
      req_extensions = v3_req
    • Modify the request section as follows:
      [v3_req]
basicConstraints = CA:FALSE
keyUsage = keyEncipherment
extendedKeyUsage = serverAuth
  3. Generate a certificate request as follows:
    openssl genrsa –out [servername].private 2048 openssl req –new –outform PEM –out [servername].request –keyform PEM –key [servername].private ...

Get Getting Started with XenDesktop® 7.x now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial