I am having difficulty changing the certificate on my Remote Desktop Services session hosts. I previously had them configured with self-signed certificates. I have now created a certificate signed by our enterprise CA. Even after changing the Digital Signature Settings in RemoteApp Manager to reflect the new certificate, restarting IIS, even rebooting the servers, when clients connect it is still presenting them with the old certificate.
This old certificate is nowhere to be found in IIS or in Certificates\Personal. It is found, however, in Certificates\Remote Desktop. If I delete this, it reappears when a client connects again.
This behaviour is consistent across both the session hosts in the farm.
I thought this may be an issue with the new enterprise CA certificate. So, I configured RemoteApp Manager to not use a certificate. It still offers clients that are connecting the old certificate.
Is there something obvious I'm missing here?