Remote Desktop Server authentication problem

When opening an app in RDWeb (running on 2008 R2) I am getting a pop up stating that "your remote desktop connection failed because the remote computer cannot be authenticated" on my XP SP3 machine - not a problem in vista, win 7.  It is advising me that there are problems with the security certificate.  It looks like a name mismatch.  The requested name is, and the name in the certificate is TS.domainname.local.  The error is encountered when validating the computer's certificate; "The server name on the certificate is incorrect"  If I change the authentication level:i:1 level to 0, i dont' get the prompt, but I am not thinking this is a valid or secure solution.
Who is Participating?

Here are a few quick steps:

1) issue a cert that matches the externally addressable FQDN of the gateway.

2) ensure the issuing authorities cert is exported to the client (this is the step most people get wrong, they export the gateway certificate by mistake) this MUST be imported into the trusted root store of the client machine (use the MMC snap in to do this). If the cert goes into the wrong store (usually machine personal or user personal) drag and drop it from that store into the machine trusted root authorities store.

3) ensure you haven't turned on require certificate auth for the terminal server (this is the default and will mean one less set of certs - to make it easier for testing).

4) do not use wildcard certs

I'm quoting from microsoft technet (

Also, the above link has detailed info on how to install the TS Gateway server root certificate on the terminal services client.

Hope that helps.
SuperiorCabinetsAuthor Commented:
I changed the authentication level:i:2 to 0, and I am able to login successfully and open the remote app programs successfully.
SuperiorCabinetsAuthor Commented:
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.