I have a TS Web Access Server running on the same machine as a TS Gateway. This machine wa.mysite.com has an SSL cert and is functioning well. I had some SSL issues with customers connecting to the RemoteApp server (ras.mydomain.local) so I got an SSL cert for the local FQDN and installed it on the RemoteApp server. I thought all was well, but some clients get an error, "The certificate or associated chain is invalid." I have checked the Certification Path using IIS on the RemoteApp server and it's properly configured. After reading that not all SSL certs are created equally, I though i would try one from Thawte to replace the GoDaddy one I have. While I was doing that, i stumbled across the notion that perhaps i should have a public FQDN for the RemoteApp server. Is this the case? Seems odd to me--b/c i want to protect the RemoteApp server by using TS Web Access / TS Gateway.