February 5, 2013 - Sven Huisman

Secure your VMware View security server!

Recently, one of my customers had a security scan performed on the infrastructure and the result was that the VMware View security server was configured to support a couple of weak cipher suites. As it turns out, there is a VMware KB-article that describes how to configure the security server with SSL protocols and Cipher suites: Configure cipher suites and security protocols on a View Connection server instance or security server in View 4.5 and later.

How to solve this:

– Create a text-file called: locked.properties (Usually located in “c:\program files\VMware\VMware View\Server\sslgateway\conf\”)

– The locked.properties file should look like this:


How do you know these are safe cipher suites that you can use? I found the following website and you can see that the Cipher suites mentioned in the KB-article are safe to use:


Virtual Desktop Security Server / SSL / View / VMware /


  • Totie Bash says:

    Thanks, I spent lots of time with locked.properties file when I smartcard enable my View environment. It looks like I have to revisit the file to plug these in.

  • Jimmy says:

    Great article. Unfortunately I am currently experiencing the same issues with View 5.0 Connection and Security servers. I attempted to create the locked.properties file mirroring the one you posted, but after rescanning with Retina I still receive the SSL Weak Cipher Strength Supported findings on port 4172. Additionally, when I have the locked.properties file saved in the mentioned file directory, this particular Connection server appears to not be able to communicate with the other Connection servers. When I log into the Admin console there is a ? mark next to the Connection server.

    Any additional assistance on the SSL issue would be most appreciative.