I have finally setup a certificate authority in my lab and am working on replacing self-signed certs. This week I was working on my Horizon Connection server.

When you make changes to the SSL Certificate on your Horizon Connection Server(s), you may see an error message similar to this:

Server's certificate subject name does not match the server's External URL.  Server's certificate is not trusted.

When you first install the Connection Server, it uses the hostname of the server as the “External URL”.  If this does not match the URL you will publish for your users, a small change needs to be made in the configuration of the Connection Server.

For example: your connection server hostname is “conn01.domain.com” and the URL your users will access is “view.domain.com”

You may also see this error if you are changing the published URL of your Horizon environment.  (say from  “vdm.domain.com” to “view.domain.com”).

In these instances, you will see an alert in the Horizon dashboard like:

The fix is easy and does not require a restart.

Login to the Horizon Administration Console and navigate to Settings -> Connection Servers.  Select your connection server and click Edit.   There is a text field called External URL which needs to be updated to match whatever the published URL is.

Make the required changes and click Apply.  The error message will disappear from the dashboard in a few minutes.

This is documented in VMware KB 80371.