Solved

Creating a different certificate for RD Remote App server

Posted on 2010-09-06
17
1,006 Views
Last Modified: 2012-05-10
Hi Guys,
I've got a few Remote Desktop servers set up and connect through to them via URL to https://rdserver.domain.com/rdweb however when i try to launch anything it shows that the certificate doesn't match and won't let me continue. The servers have self signed certificates but these obviously show the internal address servername.domain.local .
Can i create a certificate to match what i need and if so how or is there another way around this ?
Thanks
0
Comment
Question by:Netexperts
  • 9
  • 8
17 Comments
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33610471
Yes you can. But you need CA server in your environment to fulfill these requirements.
0
 
LVL 1

Author Comment

by:Netexperts
ID: 33610504
I Think our DC is a CA, is this just a case of creating a cert and exporting it ?
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33610679
Yup, try to request a WWW certificate then issue it to your server. I would try to prepare a doc if you need.
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 1

Author Comment

by:Netexperts
ID: 33610906
That would be great. Thanks
0
 
LVL 1

Author Comment

by:Netexperts
ID: 33611435
I think i managed to create and install a new certificate as the RemoteApp page shows that it now has the external url however when i hit the landing page it says there is a certificate mismatch and if i view the certificate it shows a different one to the one i created and installed to the RemoteApp server.
Does the /RDWEB landing page pick up it's certificate from a different place (or do i also need to set it here ?
Hope this makes sense.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33611530
check on rd server in certmgr.msc console if there is only your newly generated certificate (without self signed) move yours into place where self-signed is
0
 
LVL 1

Author Comment

by:Netexperts
ID: 33611641
In certmgr.msc i can see the newly created certificate (for the external URL) and the local one (which shows on the landing page) but i can't see anything that shows which is self-signed however the internal one has a key symbol on it and the new one does not.
I've not used certmgr.msc before so sorry if i'm a bit vague.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33611680
ok, so let's export that local one and then we will remove it for tests. Click on it right mouse button and choose export, then follow a wizard
0
 
LVL 1

Author Comment

by:Netexperts
ID: 33611721
Ok, i've exported it. Should i now delete that cert from certmgr ?
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33611747
yes, do it.
0
 
LVL 1

Author Comment

by:Netexperts
ID: 33611774
Done
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33613195
OK, what results do you have?
0
 
LVL 1

Author Comment

by:Netexperts
ID: 33613293
Still have the same issue.
If i get to the landing page it shows the cert is issued by the TS server for the local TS address but then when i log in and try an icon it then shows certificate mismatch and when i view the certificate it shows it's issued by the CA and for the external URL address (i.e the correct one i created)
Hope this makes sense.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33615649
ok then, I would try to prepare a doc for you :)
0
 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 500 total points
ID: 33618385
Sorry for delay. Busy day :/ So, try with this doc
cert.doc
0
 
LVL 1

Author Closing Comment

by:Netexperts
ID: 33640209
That's worked, many thanks
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33643762
You're welcome
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I have been working as System Administrators since 2003. I recently started working as a FreeLancer and was amazed to find out that very few people are taking full advantage of their Windows Server Machines. Microsoft Windows Server comes with so…
I had a question today where the user wanted to know how to delete an SSL Certificate, so I thought that I would quickly add this How to! Article for your reference. WHY WOULD YOU WANT TO DELETE A CERTIFICATE? 1. If an incorrect certificate was …
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now