Certificates error when opening web resources on a VM in a VDI 2019 farm.

Dmitry Dubok 1 Reputation point
2021-03-17T06:36:57.717+00:00

VM prepared using sysprep with sysprep / generalize / shutdown / oobe / mode: vm options
After creating a template for VDI 2019 and then deploying virtual desktops, while using the browser (Edge, IE, Firefox), the certificate error of some web resources, such as “google.com”, “microsoft.com”, etc.
No proxy is used.
Suspicion falls on sysprep.
In the case of deploying a VM, without sysprep, from a clean image, under the same network conditions, VM in the domain, problems with certificates are not observed.

During testing, various releases, versions and builds for VM were used:

Windows 10 Pro, version 2004, ENGLISH, RUSSIAN, OS Build 19041.804.
Windows 10 Enterprise, version 2004, ENGLISH, RUSSIAN, OS Build 19041.804.
Windows 10 Pro, version 2004, RUSSIAN, OS Build 19041.264.

The problem is observed with any option.

Remote Desktop
Remote Desktop
A Microsoft app that connects remotely to computers and to virtual apps and desktops.
4,260 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Grace HE 1,241 Reputation points
    2021-03-24T08:31:08.577+00:00

    Hi,
    Thank you for posting your query. According to your description, it seems that the key is sysprep. More details would be grateful.
    Is there any error message?

    Additionally, here are some links you may refer to.
    Sysprep (Generalize) a Windows installation
    https://learn.microsoft.com/en-us/windows-hardware/manufacture/desktop/sysprep--generalize--a-windows-installation

    Sysprep (System Preparation) Overview
    https://learn.microsoft.com/en-us/windows-hardware/manufacture/desktop/sysprep--system-preparation--overview

    Sysprep removes SSL certificates (certs) from images in an environment using Cloud Enabled Management(CEM)
    https://knowledge.broadcom.com/external/article/161147/sysprep-removes-ssl-certificates-certs-f.html

    Best Regards,
    Grace

    ---If the suggestions above are helpful, please ACCEPT ANSWER. Really appreciate. This will also help others with similar issue to find this post quickly. ---

    0 comments
  2. Dmitry Dubok 1 Reputation point
    2021-04-12T11:36:32.897+00:00

    Found a solution.

    1. A VM was created without sysprep, entered into the organization's domain, after which all certificates from the "Trusted Root Certification Authorities" store were exported.
    2. The next step was to prepare the VM image for VDI, all the certificates taken from the VM in the previous step were imported, after which sysprep was launched, then the VM was deployed on the VDI farm from the prepared image.

    After the steps taken, problems with certificates when opening web pages are not observed, so far.