So, I've taken over this SMB 2011 server and it appears to have an expired certificate, I thought I had that taken care of, but looks like I'm missing something.
When the users go to remote.OURDOMAIN.com they get a certificate error, then can click through to the page. That page shows them a list of computers they can connect to, and now they are unable to connect to them. When you click a computer to connect, the first screen that comes up is a RemoteApp warning, unknown publisher. Then they enter their credentials and are told
This computer can't verify the identity of the RD gateway "remote.OURDOMAIN.com". It's not safe to connect to servers that can't be identified.
The certificate you can view has the error:
This CA Root certificate is not trusted because it is not in the Trusted Root Certification Authorities store.
I've been trying to put it in the root store, and I thought I did that, but it's still not working. Kinda stuck on what to try next.