Importing Trusted Certificates onto Legacy Wyse WinTerms

Overview

Root Certificates are used by web browsers to identify a trust with web sites. When root certificates expire, Windows usually auto-updates them (Vista and above) or deploys them through Microsoft Update (Windows XP). The Windows CE 5 operating system on the Wyse 3150 WinTerm (windows terminal) has no automatic way of updating them so they must be imported manually.

We had this situation arise when our remote users complained that they were unable to log on to one of our Citrix Servers. All they would get was an SSL Error 70 message when they tried to load the virtual desktop. Luckily, one of the more up to date terminals gave a more specific error, stating that one of the certificates, from GlobalSign, had expired. So my challenge became to get the latest one imported manually.

Instructions

Step 1 – Get the latest certificate

Obtain the latest certificate from the provider or export it from a Windows XP computer

Step 2 – Install the Certificate

    • Log on to the WinTerm as the Administrator
      • If you are doing this via VNC, use the Alt+F4 command during auto-logon to access the administrator logon
    • Open the Control Panel from the link in the Start Menu
    • You should find the Certificates add-on
      • WinTerm Control Panel

        WinTerm Control Panel

      • If the Certificates add-on isn’t there, you will need to install it
        • Warning: After the new Add-on is installed you will need to restart the WinTerm
      • Download the necessary Certificate Manager Addon from the Wyse Support website
      • Extract the files and copy certsaddon.bin and params.ini to a folder on an FTP server
      • Back on the WinTerm Control Panel, Open the Add-on applet and click Upgrade.
      • Specify the FTP server where the add on files are saved.
        • Warning: The upgrade will install all add-ons that it can find so make sure the folder doesn’t have anything else unwanted in it
      • After you get the Upgrade Complete message, restart the WinTerm
    • Open the Certificates Add on select “Trusted Authorities (Root)” from the Certificate Type list
      • You can select any certificate and click the Details button to view the Valid Till date
      • WinTerm Certificate Add-on

        WinTerm Certificate Add-on

      • Note: You do not need to remove old certificates (in fact, it wouldn’t even let me!)
    • Click the Import button
    • Enter your FTP site information and click the Connect button
    • Importing a certificate via FTP

      Importing a certificate via FTP

    • After it has connected, type in the relevant filename and click Import File
      • You will get an “Import Successful” message if it finds the file
    • Close all of the windows and the new certificate will now be installed, no reboot required.

2013 Blog Stats in review

The WordPress.com stats helper monkeys prepared a 2013 annual report for this blog. Despite only having 8 new posts I feel like I’ve reconnected with my blog a bit and hopefully will be adding more useful articles on it soon. Thanks for reading :)

Here’s an excerpt:

The Louvre Museum has 8.5 million visitors per year. This blog was viewed about 130,000 times in 2013. If it were an exhibit at the Louvre Museum, it would take about 6 days for that many people to see it.

Click here to see the complete report.

Using Group Policy Preferences to deploy Favorites to Internet Explorer

My previous article, The new way to configure Internet Explorer proxy settings with Group Policy, spoke about how the Internet Explorer Maintenance section of Group Policy has been killed off in favour of ADMX templates and Group Policy Preferences. One benefit of this is that you get rid of the time-consuming “Branding Internet Explorer” section when a user logs on to a PC.

Thanks to the lack of communication from Microsoft, we now need to scramble around to get all of our Internet Explorer Favorites re-deployed for any PC with IE10 or above. Thankfully it is a relatively simple, if tedious task. I used the GPMC on a 2008 R2 member server

Continue reading

The new way to configure Internet Explorer proxy settings with Group Policy

Internet Explorer 10 was released for Windows 7 and Windows Server 2008 R2 machines back in February 2013. Nine months later and we are going through it again with Internet Explorer 11. For SysAdmins and IT Pros managing software updates, these new versions led to quite a significant change in how we use Group Policy to manage them.

I only recently discovered that when Windows 8 (and along with it IE10) was released they finally got rid of the “Internet Explorer Maintenance” Section of the Group Policy Editor. This section always struck me as an odd place to configure IE settings and I’m still not sure why they couldn’t just use the normal Administrative Template section.

Internet Explorer Maintenance in Server 2003 Group Policy Editor

Internet Explorer Maintenance in Server 2003 Group Policy Editor

Continue reading

Freeing up Disk Space on a Windows 8 tablet

Image from Graeme Newcomb, Flickr

Is your hard disk overloaded?

I love my little Windows 8 HP ElitePad but if I had one major complaint its that I got the one with only 32GB. I knew, from years of maintaining PCs, laptops & netbooks, that the space would quickly be eaten up by Windows Updates alone! In fact, when the ElitePad was brand new out the box it unbelievably only had 11GB free.

I went to upgrade to Windows 8.1 now it has been publically released but discovered that I only had around 750MB free on my c: drive! The Win8.1 Pro download was 2.1GB itself so I had to do some serious freeing up of disk space. Unfortunately, Windows is quite good at hiding this stuff and a lot of online guides make recommend pointless “tips” such as “to save space, flush the DNS cache”!

So here is my guide on several options you have to free up space on your restricted device. Some of them, like removing the recovery partition, are one-offs but others can be repeated whenever space starts to get a bit tight

Continue reading

My Toolbox – Quick and easy driver backup with Double Driver

Just a quick post because I wanted to give a worthy bit of software a shout-out.

Double Driver from http://www.boozet.org/dd.htm

This little free program lets you back up all of the drivers on your PC for safe keeping. This is really handy if you want to save them all before a major update or re-installation. I also use it a lot on PCs with older operating systems (like Windows XP) because sometimes they are a real pain to try and find from the official OEM website (HP, I’m looking at you). It’s the kind of utility you wished Microsoft had just built directly into the Windows Device Manager.

Image

Continue reading

Converting a folder of text files into a well formatted CSV spreadsheet with PowerShell

We are in the process of changing over our Print Server and the first step on the plan was to get some data from all the computers on my network about which printers they had installed. This needed to grab the data from all users on all PCs so the only logical way to do this was to create logon script below and let it run for a week. In a previous post I discussed how PowerShell Export-CSV turns lovely tables in to garbage but now I needed to get a CSV from hundreds of separate text files …

Continue reading