Solved

Remote Desktop Services certificate 2012 R2

Posted on 2014-01-17
5
2,379 Views
Last Modified: 2014-01-19
I am trying to find a step by step article on installing a certificate for Remote Desktop Services on Server 2012 R2.

I have seen some say that you can't use a Godaddy certificate.

I assume if I use a self assigned certificate, users would need to install it on their computer or they would not be able to connect.
0
Comment
Question by:ajdratch
  • 3
  • 2
5 Comments
 
LVL 35

Expert Comment

by:Mahesh
ID: 39789901
The certificate common name must be matching to FQDN of RDP server \ RD gateway and its issuing authority root certificate need to be installed on trusted root cert store on client computers in order to get access.

I don't see any reason for not working certificates from Public CA

Mahesh
0
 

Author Comment

by:ajdratch
ID: 39792357
I added a godaddy certificate on the server using mmc - certificates. I originally tried adding the cert through IIS. I got access denied. I saw a lot of post for this issue but no resolution. That is why I did it through MMC

Now I can no longer get to ts.domain.com/rdweb

I tried adding the certificates in "configure the deployment"  but it only excepts PFX certificates.  I think that is why someone said a godaddy cert will not work.

Now I have a SSL certificate on the server. It shows in IIS however I can no longer access that site and I cannot add it to the RDS certificates

Could they have made this is more difficult
0
 
LVL 35

Accepted Solution

by:
Mahesh earned 500 total points
ID: 39792395
In order to use web site with SSL, certificate must have private key associated with it.

Have you requested certificate from RD Web server ?

Just double click certificate in Certificate personnel store MMC and check at bottom if "You have private key that corresponds to this certificate".
If its not written there, then it means you don't have full certificate and you just have public key of cert which is not acceptable to IIS and RD gateway site as well

If you have requested certificate from else machine server, you  must need to install it on that machine 1st in Personnel certificate store MMC and from there you need to export it in PFX format with private key and then you can install it on RD Gateway server

Also you have to have local admin rights on RD gateway server in order to install it in IIS

Mahesh
0
 

Author Comment

by:ajdratch
ID: 39792470
It does say I have a private key
0
 

Author Closing Comment

by:ajdratch
ID: 39792473
I had it all correct but I had not imported the certificate into to RD gateway manager
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Table of Contents: Lesson 1 - Installing Windows Server 2012 (http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2012/A_11592-Become-an-Administrator-Installing-Windows-Server-2012.html) Lesson 2 - Configuring Ser…
A procedure for exporting installed hotfix details of remote computers using powershell
In this Micro Tutorial viewers will learn how to use Boot Corrector from Paragon Rescue Kit Free to identify and fix the boot problems of Windows 7/8/2012R2 etc. As an example is used Windows 2012R2 which lost its active partition flag (often happen…
In this Micro Tutorial viewers will learn how to restore their server from Bare Metal Backup image created with Windows Server Backup feature. As an example Windows 2012R2 is used.

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now