![]() New connections from blacklisted clients are delayed for a configurable period before being processed so that connections from other clients take priority. Optionally, the client that is responsible for an over-running TLS handshake can be automatically added to a blacklist. You can adjust the time for TLS handshakes on port 443 by setting the configuration property handshakeLifetime. In previous releases of VMware Horizon, TLS handshakes on port 443 were allowed 100 seconds to complete in all situations. TLS handshakes on port 443 must complete within 10 seconds, or within 100 seconds if smart card authentication is enabled. If this traffic is blocked during installation or upgrade, installation will not succeed. For more information, see Horizon Security.Ĭonnection Server must be able to communicate on port 32111 with other Connection Servers in the same pod. It is possible that the ordering of cipher suites can be enforced by Connection Server. You might not be able to connect to vSphere unless you apply vSphere patches. VMware Horizon uses only TLSv1.1 and TLSv1.2. ![]() For more information, see Create a Replicated Group After Reverting Connection Server to a Snapshot. To revert to a previous version after an upgrade, restore from backup. CA-signed certificates will continue to work after you upgrade to this release.ĭowngrading Connection Server instances is not supported. Note that self-signed certificates are insecure and should be replaced by CA-signed certificates as soon as possible, and that SHA-1 certificates are no longer considered secure and should be replaced by SHA-2 certificates.ĭo not remove CA-signed certificates that were installed for production use, as recommended by VMware. The self-signed certificate in this release has a longer RSA key (2048 bits instead of 1024) and a stronger signature (SHA-256 with RSA instead of SHA-1 with RSA) than in pre-6.2 releases. Removing the old self-signed certificate ensures that a new certificate is installed. During an upgrade, the installer does not replace any existing certificate. Connections might not work if the existing self-signed certificates remain in place. If you intend to upgrade a pre-6.2 installation of VMware Horizon and the Connection Server uses the self-signed certificate that was installed by default, you must remove the existing self-signed certificate before you perform the upgrade. For more information, see VMware Knowledge Base article 78434.įor supported upgrade paths, see the VMware Product Interoperability Matrix. There are also performance issues with the 11.x versions of VMware Tools. To determine which VMware Tools versions are supported, go to the VMware Product Interoperability Matrix. If you plan to install a version of VMware Tools downloaded from VMware Product Downloads, rather than the default version provided with vSphere, make sure that the VMware Tools version is supported. Important note about installing VMware Tools Microsoft Internet Explorer no longer supported for Horizon ConsoleĪs Horizon Console is migrating to VMware clarity widgets which do not support Internet Explorer, we have removed Internet Explorer from the list of supported browsers for Horizon Console.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |