Solved

Creating a different certificate for RD Remote App server

Posted on 2010-09-06
17
1,009 Views
Last Modified: 2012-05-10
Hi Guys,
I've got a few Remote Desktop servers set up and connect through to them via URL to https://rdserver.domain.com/rdweb however when i try to launch anything it shows that the certificate doesn't match and won't let me continue. The servers have self signed certificates but these obviously show the internal address servername.domain.local .
Can i create a certificate to match what i need and if so how or is there another way around this ?
Thanks
0
Comment
Question by:Netexperts
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 9
  • 8
17 Comments
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33610471
Yes you can. But you need CA server in your environment to fulfill these requirements.
0
 
LVL 1

Author Comment

by:Netexperts
ID: 33610504
I Think our DC is a CA, is this just a case of creating a cert and exporting it ?
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33610679
Yup, try to request a WWW certificate then issue it to your server. I would try to prepare a doc if you need.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 1

Author Comment

by:Netexperts
ID: 33610906
That would be great. Thanks
0
 
LVL 1

Author Comment

by:Netexperts
ID: 33611435
I think i managed to create and install a new certificate as the RemoteApp page shows that it now has the external url however when i hit the landing page it says there is a certificate mismatch and if i view the certificate it shows a different one to the one i created and installed to the RemoteApp server.
Does the /RDWEB landing page pick up it's certificate from a different place (or do i also need to set it here ?
Hope this makes sense.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33611530
check on rd server in certmgr.msc console if there is only your newly generated certificate (without self signed) move yours into place where self-signed is
0
 
LVL 1

Author Comment

by:Netexperts
ID: 33611641
In certmgr.msc i can see the newly created certificate (for the external URL) and the local one (which shows on the landing page) but i can't see anything that shows which is self-signed however the internal one has a key symbol on it and the new one does not.
I've not used certmgr.msc before so sorry if i'm a bit vague.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33611680
ok, so let's export that local one and then we will remove it for tests. Click on it right mouse button and choose export, then follow a wizard
0
 
LVL 1

Author Comment

by:Netexperts
ID: 33611721
Ok, i've exported it. Should i now delete that cert from certmgr ?
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33611747
yes, do it.
0
 
LVL 1

Author Comment

by:Netexperts
ID: 33611774
Done
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33613195
OK, what results do you have?
0
 
LVL 1

Author Comment

by:Netexperts
ID: 33613293
Still have the same issue.
If i get to the landing page it shows the cert is issued by the TS server for the local TS address but then when i log in and try an icon it then shows certificate mismatch and when i view the certificate it shows it's issued by the CA and for the external URL address (i.e the correct one i created)
Hope this makes sense.
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33615649
ok then, I would try to prepare a doc for you :)
0
 
LVL 39

Accepted Solution

by:
Krzysztof Pytko earned 500 total points
ID: 33618385
Sorry for delay. Busy day :/ So, try with this doc
cert.doc
0
 
LVL 1

Author Closing Comment

by:Netexperts
ID: 33640209
That's worked, many thanks
0
 
LVL 39

Expert Comment

by:Krzysztof Pytko
ID: 33643762
You're welcome
0

Featured Post

On Demand Webinar - Networking for the Cloud Era

This webinar discusses:
-Common barriers companies experience when moving to the cloud
-How SD-WAN changes the way we look at networks
-Best practices customers should employ moving forward with cloud migration
-What happens behind the scenes of SteelConnect’s one-click button

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
This article explains how to install and use the NTBackup utility that comes with Windows Server.
This tutorial will show how to configure a new Backup Exec 2012 server and move an existing database to that server with the use of the BEUtility. Install Backup Exec 2012 on the new server and apply all of the latest hotfixes and service packs. The…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Suggested Courses

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question