Secure your VMware View security server!

Recently, one of my customers had a security scan performed on the infrastructure and the result was that the VMware View security server was configured to support a couple of weak cipher suites. As it turns out, there is a VMware KB-article that describes how to configure the security server with SSL protocols and Cipher suites: Configure cipher suites and security protocols on a View Connection server instance or security server in View 4.5 and later.

How to solve this:

- Create a text-file called: locked.properties (Usually located in “c:\program files\VMware\VMware View\Server\sslgateway\conf\”)

- The locked.properties file should look like this:

secureProtocols.1=SSLv3
secureProtocols.2=TLSv1

--> Please see the rest on the blog : http://virtualfuture.info/2013/02/secure-your-vmware-view-security-server