How do I change the certificate for a RemoteApp source for Remote Desktop Services?

I am having difficulty changing the certificate on my Remote Desktop Services session hosts. I previously had them configured with self-signed certificates. I have now created a certificate signed by our enterprise CA. Even after changing the Digital Signature Settings in RemoteApp Manager to reflect the new certificate, restarting IIS, even rebooting the servers, when clients connect it is still presenting them with the old certificate.

This old certificate is nowhere to be found in IIS or in Certificates\Personal. It is found, however, in Certificates\Remote Desktop. If I delete this, it reappears when a client connects again.

This behaviour is consistent across both the session hosts in the farm.

I thought this may be an issue with the new enterprise CA certificate. So, I configured RemoteApp Manager to not use a certificate. It still offers clients that are connecting the old certificate.

Is there something obvious I'm missing here?

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Syed Mutahir AliTechnology ConsultantCommented:
I haven't used this feature of R2 yet, but had this in my bookmark as I have to implement this soon for a client :
Remote Desktop Gateway Manager :
In the left navigation pane of your RD Gateway Manager MMC console,  click on your server and select properties under Actions, did you installed your certificate on the "SSL TAB" in RD Gateway Manager ?
nickfridayAuthor Commented:
Thanks mutahir,

Unfortunately those articles refer to the RD Gateway and not the Session Host. The corresponding session host article doesn't really mention certificates.

Alex AppletonBusiness Technology AnalystCommented:
You can change the certificate in the TS Connection manager (tsconfig.msc).  Right click the connection and select properties and at the bottom of the RDP-Tcp Properties window in the general tab you get to choose the certificate, or import a new one.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Server OS

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.