Solved

Remote desktop farm with wildcard cert

Posted on 2011-03-13
3
1,365 Views
Last Modified: 2013-11-21
Hi,
I have setup a remote desktop farm

Gateway: gateway.mydomain.org --> gw01.internal.local,gw02.internal.local
RD farm : farm.nlb.mydomain.org --> rd01.internal.local,rd02.internal.local,rd03.internal.local,rd04.internal.local

I have assigned a wildcard cert to all the remote desktop servers and the gateway servers but seem to have a little problem.

I get a cert error "Name mismatch"
requested remote computer
farm.nlb.mydomain.org
Name in the certificate from the remote computer
*.mydomain.org

Do i need to buy another wildcard cert to use on the remote desktop servers or do i need to do some thing else ?
Can i wildcard cert not be used on child domains?
0
Comment
Question by:dkSoftware
  • 2
3 Comments
 

Author Comment

by:dkSoftware
ID: 35126945
Has no one faced this issue before ?
0
 
LVL 34

Accepted Solution

by:
Dave_Dietz earned 500 total points
ID: 35131135
The problem is that the URl doesn't conform to the wildcard specification.

*.mydomain.org will match for server1.mydomain.org, thatcomputer.mydomain.org, otherserver.mydomain.org but does not match bobs.computer.mydomain.org.

A wildcard certificate can only use a wildcard for the leftmost entity of the host portion fo the URI and there can be no dots in that entity.  To match farm.nlb.mydomain.org you would need a certificate for *.nlb.mydomain.org which would then work for fram.nlb.mydomain.org, farm2.nlb.mydomain.org, etc.

To have a certificate that works for both gateway.mydomain.org and farm.nlb.mydomain.org you will need to get a SAN certificate that specifies those DNS names in the Subject Alternate Field and install that certificate on your servers instead.

Dave Dietz
0
 

Author Comment

by:dkSoftware
ID: 35134133
Thank you very much for this.
This confirms my theory and I will purchase another wildcard cert. to solve my problem :)
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question