Solved

Creating a different certificate for RD Remote App server

Posted on 2010-09-06
17
1,008 Views
Last Modified: 2012-05-10
Hi Guys,
I've got a few Remote Desktop servers set up and connect through to them via URL to https://rdserver.domain.com/rdweb however when i try to launch anything it shows that the certificate doesn't match and won't let me continue. The servers have self signed certificates but these obviously show the internal address servername.domain.local .
Can i create a certificate to match what i need and if so how or is there another way around this ?
Thanks
0
Comment
Question by:Netexperts
  • 9
  • 8
17 Comments
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33610471
Yes you can. But you need CA server in your environment to fulfill these requirements.
0
 
LVL 1

Author Comment

by:Netexperts
ID: 33610504
I Think our DC is a CA, is this just a case of creating a cert and exporting it ?
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33610679
Yup, try to request a WWW certificate then issue it to your server. I would try to prepare a doc if you need.
0
Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

 
LVL 1

Author Comment

by:Netexperts
ID: 33610906
That would be great. Thanks
0
 
LVL 1

Author Comment

by:Netexperts
ID: 33611435
I think i managed to create and install a new certificate as the RemoteApp page shows that it now has the external url however when i hit the landing page it says there is a certificate mismatch and if i view the certificate it shows a different one to the one i created and installed to the RemoteApp server.
Does the /RDWEB landing page pick up it's certificate from a different place (or do i also need to set it here ?
Hope this makes sense.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33611530
check on rd server in certmgr.msc console if there is only your newly generated certificate (without self signed) move yours into place where self-signed is
0
 
LVL 1

Author Comment

by:Netexperts
ID: 33611641
In certmgr.msc i can see the newly created certificate (for the external URL) and the local one (which shows on the landing page) but i can't see anything that shows which is self-signed however the internal one has a key symbol on it and the new one does not.
I've not used certmgr.msc before so sorry if i'm a bit vague.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33611680
ok, so let's export that local one and then we will remove it for tests. Click on it right mouse button and choose export, then follow a wizard
0
 
LVL 1

Author Comment

by:Netexperts
ID: 33611721
Ok, i've exported it. Should i now delete that cert from certmgr ?
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33611747
yes, do it.
0
 
LVL 1

Author Comment

by:Netexperts
ID: 33611774
Done
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33613195
OK, what results do you have?
0
 
LVL 1

Author Comment

by:Netexperts
ID: 33613293
Still have the same issue.
If i get to the landing page it shows the cert is issued by the TS server for the local TS address but then when i log in and try an icon it then shows certificate mismatch and when i view the certificate it shows it's issued by the CA and for the external URL address (i.e the correct one i created)
Hope this makes sense.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33615649
ok then, I would try to prepare a doc for you :)
0
 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 500 total points
ID: 33618385
Sorry for delay. Busy day :/ So, try with this doc
cert.doc
0
 
LVL 1

Author Closing Comment

by:Netexperts
ID: 33640209
That's worked, many thanks
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33643762
You're welcome
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scenario:  You do full backups to a internal hard drive in either product (SBS or Server 2008).  All goes well for a very long time.  One day, backups begin to fail with a message that the disk is full.  Your disk contains many, many more backups th…
Redirected folders in a windows domain can be quite useful for a number of reasons, one of them being that with redirected application data, you can give users more seamless experience when logging into different workstations.  For example, if a use…
This tutorial will walk an individual through locating and launching the BEUtility application and how to execute it on the appropriate database. Log onto the server running the Backup Exec database. In a larger environment, this would generally be …
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question