PCoIP Zero Client and Host Administrator Guide (Issue 5)

ManualsBrandsHP ManualsDesktopHP t310 Zero Client series

361

362

363

364

365

366

367

368

369

370

9. Save this .cer file to a location where it can be accessed by the Windows 2008 server

and imported into Active Directory.

Convert the Certificate Format from .pfx to .pem

1. Download and install Windows OpenSSL from

http://www.slproweb.com/products/Win32OpenSSL.html. (The light version is

sufficient.)

2. Copy the .pfx client certificate file you saved above to the C:\OpenSSL-Win32\bin

directory.

3. Open a command prompt window, and then enter the following command to convert

the certificate format from .pfx to .pem:

C:\OpenSSL-Win32\bin\openssl.exe pkcs12 -in <client_cert>.pfx -out <client_

cert>.pem -nodes

where <client_cert> is the name of the .pfx certificate file you saved to your local

machine.

4. When prompted, enter the password for the certificate file.

5. At the command prompt, enter the following command to create an RSA private key

file:

C:\OpenSSL-Win32\bin\openssl.exe rsa –in <client_cert>.pem –out < client_cert>_

rsa.pem

where <client_cert> is the name of the .pem certificate file you created in the previous

step.

6. In Notepad:

a. Open both the original .pem file and the RSA .pem file you just created. The RSA

.pem file contains only an RSA private key. Because the zero client certificate

requires its private key in RSA format, you need to replace its private key with this

RSA private key.

b. Copy the entire contents of the RSA .pem file (everything from -----BEGIN RSA

PRIVATE KEY ----- to -----END RSA PRIVATE KEY-----), and paste it into

the original .pem file, replacing its private key with this RSA private key.

In other words, make sure that all the text from -----BEGIN PRIVATE KEY-----

to -----END PRIVATE KEY (including the dashes) in the original .pem file is

replaced with the contents of -----BEGIN RSA PRIVATE KEY ----- to -----

END RSA PRIVATE KEY----- (including the dashes) from the RSA .pem file

c. Save the original .pem file and close it. The certificate is now ready to be uploaded

to the zero client.

Import the Client Certificate into the Client User Account

1. Log in to the Windows 2008 server.

2. Click Start > Administrative Tools > Active Directory Users and Computers.

3. From the View menu, select Advanced Features.

4. Navigate to the user you created for the zero client.

5. Right-click the user, and then select Name Mappings.

6. In the X.509 Certificates section, click Add.

TER1206003 Issue 5 370

PCoIP® Zero Client and Host Administrator Guide