Session Negotiation Failed – Horizon View 6.2

If you’re upgrading from an earlier version of VMware Horizon View to version 6.2 then you may see clients fail to log-in with error messages that follow similar verbage:
SSL session negotiation failed or The Zero Client may not be compatible with the host session negotiation cipher setting.

The problem occurs because some weaker encryption ciphers that were available in Horizon View 6.1 are now disabled in Horizon View 6.2; hence the session negotiation failed and/or incompatible cipher error messages.

This issue hit a small portion of our Teradici/10ZiG zero clients. The problem is that the more preferred ciphers are not supported on Teradici firmware versions below 4.8. If you’re running clients with a firmware version below 4.8 then you will most likely run in to this problem after upgrading to Horizon View 6.2.

Another temporary work around is to explicitly enable TLS 1.0, 1.1 and 1.2 on your connection servers and your desktop pools (your ‘gold’ base image).

This fixed the problem for us and the fix will be in place until we can be sure that all clients are on the latest firmware version.

Instructions on how to enable the above protocols can be found on KB2130798.

2016-01-04 19_47_28-VMware KB_ Configure security protocols for PCoIP for Horizon 6 version 6.2 and

What next?

Keep in mind that this should only be a temporary solution. The longer term permanent solution would be to upgrade all your thin and zero clients to the latest version. This includes the Teradici 4.8 firmware which is certified to be supported by Horizon View 6.2.