Solved

Remote Desktop Services certificate 2012 R2

Posted on 2014-01-17
5
2,398 Views
Last Modified: 2014-01-19
I am trying to find a step by step article on installing a certificate for Remote Desktop Services on Server 2012 R2.

I have seen some say that you can't use a Godaddy certificate.

I assume if I use a self assigned certificate, users would need to install it on their computer or they would not be able to connect.
0
Comment
Question by:ajdratch
  • 3
  • 2
5 Comments
 
LVL 36

Expert Comment

by:Mahesh
ID: 39789901
The certificate common name must be matching to FQDN of RDP server \ RD gateway and its issuing authority root certificate need to be installed on trusted root cert store on client computers in order to get access.

I don't see any reason for not working certificates from Public CA

Mahesh
0
 

Author Comment

by:ajdratch
ID: 39792357
I added a godaddy certificate on the server using mmc - certificates. I originally tried adding the cert through IIS. I got access denied. I saw a lot of post for this issue but no resolution. That is why I did it through MMC

Now I can no longer get to ts.domain.com/rdweb

I tried adding the certificates in "configure the deployment"  but it only excepts PFX certificates.  I think that is why someone said a godaddy cert will not work.

Now I have a SSL certificate on the server. It shows in IIS however I can no longer access that site and I cannot add it to the RDS certificates

Could they have made this is more difficult
0
 
LVL 36

Accepted Solution

by:
Mahesh earned 500 total points
ID: 39792395
In order to use web site with SSL, certificate must have private key associated with it.

Have you requested certificate from RD Web server ?

Just double click certificate in Certificate personnel store MMC and check at bottom if "You have private key that corresponds to this certificate".
If its not written there, then it means you don't have full certificate and you just have public key of cert which is not acceptable to IIS and RD gateway site as well

If you have requested certificate from else machine server, you  must need to install it on that machine 1st in Personnel certificate store MMC and from there you need to export it in PFX format with private key and then you can install it on RD Gateway server

Also you have to have local admin rights on RD gateway server in order to install it in IIS

Mahesh
0
 

Author Comment

by:ajdratch
ID: 39792470
It does say I have a private key
0
 

Author Closing Comment

by:ajdratch
ID: 39792473
I had it all correct but I had not imported the certificate into to RD gateway manager
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Every now and then, Microsoft does something that totally impresses me. It doesn't happen often, but in this case I must say I am thoroughly impressed with Windows Server Backup. One of the long time issues with Windows Backup has been the ability t…
Recently, I was assigned the task of performing a hardware refresh in the datacenter. The previous Windows 2008 systems were connected to the SAN via fiber channel HBA’s and among other thing, had PowerPath installed in order to provide sufficient f…
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question