Have you try setting the revocation checking at the registry?
Revocation Checking
VMware View 5.1 supports revocation checking of SSL certificates. This can be configured in the registry or by
setting GPO policy.
To configure revocation check types, edit the following registry settings or set a GPO policy on the Connection
Servers:
Add a string type registry key CertificateRevocationCheckType to Software\Policies\VMware, inc.\VMware
VDM\Security.
The following revocation check types are supported by VMware View 5.1.
• None – Set CertificateRevocationCheckType = 1. No revocation checking is done if this option is set.
• EndCertificateOnly – Set CertificateRevocationCheckType = 2. Revocation checking is done only for the end
certificate in the chain.
• WholeChain – Set CertificateRevocationCheckType = 3. A complete path is built for the certificate, and a
revocation check is done for all certificates in the path.
• WholeChainButRoot – Set CertificateRevocationCheckType = 4. A complete path is built for the certificate,
and a revocation check is done for all certificates in the path except forthe Root CA certificate (default value).
Note: As per RFC 4158, the options EndCertificateOnly = 2, WholeChain = 3, and WholeChainButRoot = 4 yield
the same revocation check results.
Other Revocation Check Settings
Additionalrevocation check setting supported by VMware View 5.1 include:
Software\Policies\VMware, inc.\VMware VDM\Security\ CertificateRevocationCheckCacheOnly.
“False”(default) – Disable caching revocation responses.
“True” – Enable caching revocation responses.
Software\Policies\VMware, inc.\VMware VDM\Security\ CertificateRevocationCheckTimeOut.
Cumulative timeout across allrevocation check intervals in milliseconds. If not set, default is set to ‘0’, which
means Microsoft defaults are used.
Please visit Microsoft-TechNet for detailed information on Certificate Status Checking.