The Security aspect reports on the status of the Application Virtualization Server's certificate and secure communication.
The Security aspect reports on the status of the Application Virtualization Server's certificate and secure communication.
Resolutions
Once the certificate is properly provisioned on the server, the Application Virtualization Service needs access to the private key in order to complete the TLS transaction. the 4.5 release, the Application Virtualization service runs under the Network Service by default. The Network Service must have READ permissions on the certificate private key.
The private key for the server certificate can be found here:
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys
If you have multiple certificates provisioned to the server and are unsure which private key corresponds to your Application Virtualization certificate, the following steps should be followed to locate the private key.
First, find the Thumbprint for the Application Virtualization server certificate.
Next, use the thumbprint information to located the corresponding private key file on the local file system.
To make sure the proper access rights are set on the private key file, do the following.
Target | Microsoft.AppVirtualization.Server.45.LightWeightServer | ||
Parent Monitor | Microsoft.AppVirtualization.Server.45.Security_LWS.HealthState | ||
Category | EventCollection | ||
Enabled | True | ||
Alert Generate | True | ||
Alert Severity | MatchMonitorHealth | ||
Alert Priority | Normal | ||
Alert Auto Resolve | True | ||
Monitor Type | Microsoft.Windows.SingleEventLogManualReset2StateMonitorType | ||
Remotable | True | ||
Accessibility | Public | ||
Alert Message |
| ||
RunAs | Default |
<UnitMonitor ID="Microsoft.AppVirtualization.Server.45.LightWeightServer.Security_FixAccessControlListontheCertificate_Application" Accessibility="Public" Target="Microsoft.AppVirtualization.Server.45.LightWeightServer" TypeID="Windows!Microsoft.Windows.SingleEventLogManualReset2StateMonitorType" ParentMonitorID="Microsoft.AppVirtualization.Server.45.Security_LWS.HealthState">
<Category>EventCollection</Category>
<AlertSettings AlertMessage="Microsoft.AppVirtualization.Server.45.LightWeightServer.Security_FixAccessControlListontheCertificate_Application.Alert">
<AlertOnState>Error</AlertOnState>
<AutoResolve>true</AutoResolve>
<AlertPriority>Normal</AlertPriority>
<AlertSeverity>MatchMonitorHealth</AlertSeverity>
<AlertParameters>
<AlertParameter1>$Data/Context/EventDescription$</AlertParameter1>
</AlertParameters>
</AlertSettings>
<OperationalStates>
<OperationalState ID="EventRaised" MonitorTypeStateID="EventRaised" HealthState="Error"/>
<OperationalState ID="ManualResetEventRaised" MonitorTypeStateID="ManualResetEventRaised" HealthState="Success"/>
</OperationalStates>
<Configuration>
<ComputerName>$Target/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
<LogName>Application</LogName>
<Expression>
<And>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="String">PublisherName</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="String">Application Virtualization Server</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
<Expression>
<SimpleExpression>
<ValueExpression>
<XPathQuery Type="UnsignedInteger">EventDisplayNumber</XPathQuery>
</ValueExpression>
<Operator>Equal</Operator>
<ValueExpression>
<Value Type="UnsignedInteger">44955</Value>
</ValueExpression>
</SimpleExpression>
</Expression>
</And>
</Expression>
</Configuration>
</UnitMonitor>