Solved

Certificate error for TS WebApp Server behind TS Gateway

Posted on 2011-02-23
10
1,129 Views
Last Modified: 2012-05-11
Our SBS2008 server is properly configured with a trusted certificate. We have set up a second server 2008 machine running TS WebApps. We have also published a couple RDP links to the RWW web site using the guides created by Microsoft.

When a user logs into the RWW and clicks the link to launch the Remote WebApp it prompts them for their credentials to the terminal server but then throws the error about the certificate to the LOCAL name of the TS Web Apps server and prevents the connection.

How do i set up a certificate for a local machine to allow the rdp connection to pass through? Or is something setup incorrectly?

 error
0
Comment
Question by:Joe Sorensen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
10 Comments
 

Author Comment

by:Joe Sorensen
ID: 34963820
PS when attempting to connect from Windows Vista i don't see the error. It's my users using Windows 7 that can't connect
0
 
LVL 39

Expert Comment

by:Philip Elder
ID: 34963907
By default we do not touch the certificate structure on the TS/RDS box other than to specify the RWW/RWA URL as the TS/RDS Gateway pointer.

Normally there is a check box on that warning that we can check to "Don't Bug Me" again about that.

Have changes been made to the certificate setup on the TS/RDS box?

Philip
0
 

Author Comment

by:Joe Sorensen
ID: 34964053
our TS Gateway/SBS box has the certificate installed for our public dns name and works great for OWA/RWW/TS Gateway, etc.

The rdp files are set to use the TS Gateway to connect through back to the local name of the TS Web App server.

The TS WebApp terminal server itself is NOT exposed directly to the internet. Just our SBS box with the RDP links.
0
The Ultimate Checklist to Optimize Your Website

Websites are getting bigger and complicated by the day. Video, images, custom fonts are all great for showcasing your product/service. But the price to pay in terms of reduced page load times and ultimately, decreased sales, can lead to some difficult decisions about what to cut.

 
LVL 39

Accepted Solution

by:
Philip Elder earned 500 total points
ID: 34964169
Yes, that is how we have all of our TS/RDS setups running through SBS 08/11's TS/RDS Gateway.

The certificate warning always comes up on first connection but it allows us to ignore it going forward.

Philip
0
 
LVL 39

Expert Comment

by:Philip Elder
ID: 34964189
The following may help:

Logon using the following structure:

Domain\FirstLast
My crazy l0ng pass phrase!

Users can check the Save Credentials but that will only apply for the Gateway depending on how the GPO security structures are set up.

Philip
0
 

Author Comment

by:Joe Sorensen
ID: 34964292
The authenticate to the Gateway just fine. That certificate works. It prompts them for the certificate for the machine BEHIND the gateway. If I manually change the "authentication:i" property from

authentication:i:2 to authentication:i:1 it will allow me to suppress the warning about the certificate and continue on. I would just rather not see the message at all.

Is there some kind of certificate i need to auth between the sbs08 box and the server 2008 box?
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 37419175
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
0
 
LVL 39

Expert Comment

by:Philip Elder
ID: 37393243
To answer your last question, "No".

On first connection by a remotely connecting system there will always be two certificate warnings.

Philip
0
 

Author Comment

by:Joe Sorensen
ID: 37399895
confirmed accept #34964169
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#SSL #TLS #Citrix #HTTPS #PKI #Compliance #Certificate #Encryption #StoreFront #Web Interface #Citrix XenApp
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…

690 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question