Remove the requirement for a certificate on RDP connection through Remote Web Workspace.

bryangoss
bryangoss used Ask the Experts™
on
How can I remove the requirement of a certificate to be installed when a user tries to use RDP in Remote Web Workspace, on SBS 2008. Users are recieving error that the correct certificate is not installed and will not allow them to log into there terminal via the TSadmin or RDP button in Remote Web Workspace .
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Top Expert 2013
Commented:
With 2003 you could choose ignore, but with 2008 you have to have a certificate unless you want to hack IIS. The best bet is to set up the certificate properly.

Your externally facing FQDN, the certificate, and your external DNS records (external name you will use to connect to the SBS) must all be the same. The default with SBS is remote.yourdomain.abc   If you wish to change this or want to create a new self signed certificate, you need to re-run the “Set Up My Internet Address” wizard. To do so  see the following link.  Assuming you already have a purchased domain name you can skip down to item #7. If you do not want to use the default “remote” you need to click the “advanced settings” link on the “Internet Address Management” page.
http://blogs.technet.com/b/sbs/archive/2008/10/15/introducing-the-internet-address-management-wizard-part-1-of-3.aspx

New machines joined to the domain will automatically have the certificate added, but remote machines or mobile devices will need to have the certificate installed. To do so see the following which outlines how to distribute/install the self signed certificate
http://blogs.technet.com/b/sbs/archive/2008/09/30/how-do-i-distribute-the-sbs-2008-self-signed-ssl-certificate-to-my-users.aspx

A simpler option is to buy a 3rd party certificate. The advantage being the certificate does not have to be installed on the remote machine because Internet Explorer already recognized the certificate provider. The least expensive provider of 3rd party certificates is GoDaddy. To request and install a GoDaddy certificate se:
http://sbs.seandaniel.com/2009/02/installing-godaddy-standard-ssl.html

The one catch with a GoDaddy certificate is they also use an “intermediate certificate”. This is not usually a problem but on some mobile devices it has to be installed. If you don’t want to deal with the intermediate certificate there are other providers that do not use them:
http://www.dotster.com/ssl/
http://www.rapidssl.com/buy-ssl/ssl-certificate/index.html
Awarded 2009
Top Expert 2010

Commented:
This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial