[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 8453
  • Last Modified:

The digital signature of this RDP file cannot be verified

I am running server 2012 remote desktop services with a separate server for  the connection broker, webaccess, Session host for remoteApps, and session host for Remote Desktop.

Everything was running fine until this morning, then I starting having an issue with runnung the RDWeb Remote Desktop Access app. As soon as it is chosen I get the following message block:

The digital signature of this RDP File cannot be verified. The remote connection cannot be started.

I have trusted SSL certificate purchased and installed, but they were not on the server with Session Host for Remote Desktop. I am assuming the self-signed certificate expired. Now I have installed the trusted certificate on this server.

While researching, it seems to me what I need to do is recreate the Remote Desktop App with the correct thumbprint. But I cannot determine where this app resides, or how to remove / reinstall it.

Am I on the right track? If so, how do I remove / reinstall this app?

Thanks
Bob Pahls
0
e-Tec_Support
Asked:
e-Tec_Support
  • 8
  • 5
1 Solution
 
Brad BouchardInformation Systems Security OfficerCommented:
Bob,

I'd say you're on the right track given the information you've shared with us.  To do what you need to do isn't hard.  Do this:

1)  You will find the server that created the remote app by going to it (the server) and opening up Administrative Tools > Remote Desktop Services > RemoteApp Manager
(*a hint here is that if the server you check on doesn't have RemoteApp Manager, then it is not the one you're looking for)
2)  If you find the server you're looking for you'll see the RemoteApp that you use listed in the RemoteApp Programs section towards the bottom of the screen.  From there, right click the app and select Remove.
3)  Finally on the right hand side, and after you've completed step 2, click on Add RemoteApp Programs and follow the Wizard.  It's very simple and will publish a new app with your new cert.

Let me know if you need more help.
0
 
e-Tec_SupportAuthor Commented:
Brad, Thanks for getting back to me.

So here's where I'm at.
Server7 is the RD Connection broker.
Server8 is the RD Web Access
Server9 is the session host for the RemoteApps
Server6 is the session host for the Remote Desktop

On Server7 under the RDS, I have the Remote Desktop Gateway manager.
On Server8 under the RDS, I have the Remote Desktop Licensing Manager
On Server9 under the RDS, I have the RD Licensing Diagnoser
On Server6 under the RDS, I have the RD Licensing Diagnoser

The only place I get to anything involving RemoteApps is through the Server Manager, Remote Desktop Services, Collections, RemoteApps. But in the RemoteApps programs section there is no Remote Desktop Application app. This is where I'm stuck.
Is there somewhere else I should be looking for this "app"? Or is it part of a built-in selection of some sort when you set up RDS on the 2012 servers?

Bob Pahls
0
 
Brad BouchardInformation Systems Security OfficerCommented:
I forgot to mention this:
The Remote App Manager no longer exists in Windows Server 2012. Management of Remote Apps in Windows Server 2012 has been moved to the central Server Manager console as part of the Remote Desktop Services section.
Per this link:  http://www.virtualizationadmin.com/articles-tutorials/vdi-articles/general/distribution-of-remote-apps-and-desktops-in-windows-server-2012.html

But, there is a way on that link that will help you distribute the RDP files if you need to distribute them to  your users so they see an icon.

Is there somewhere else I should be looking for this "app"?
Look in Server Manager on your servers.  You will see something like this:

remoteappservermanager
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
e-Tec_SupportAuthor Commented:
I have the RemoteApp Programs window, found that OK. But there is no "Remote Desktop Access" program there. This is where I am confused.

Bob Pahls
0
 
Brad BouchardInformation Systems Security OfficerCommented:
Ok, you are either trying to use the Remote Connection portion of RDWeb, or you are trying to access the RDP file that someone extracted from a RemoteApp.  Try following this:  http://www.virtualizationadmin.com/articles-tutorials/vdi-articles/general/distribution-of-remote-apps-and-desktops-in-windows-server-2012.html

Specifically the section that starts at Distributing Remote Apps and Desktops with Windows Server 2012

Go down to the subsection titled Manual distribution

If that doesn't work then you're referring to RDWeb Remote Connection and we can deal with that separately.

Report back.
0
 
Brad BouchardInformation Systems Security OfficerCommented:
If that doesn't work then you're referring to RDWeb Remote Connection and we can deal with that separately.

And just to be clear, users are used to having an icon on the RDWeb or on their desktop that they click on that takes them to a terminal session right?

Or does the screen they connect to look like this?

rdweb
0
 
e-Tec_SupportAuthor Commented:
They log in through the screen you shares in your last post, then after they are logged in they have their apps. One of the apps is "Remote Desktop Access" See attached.

When they choose the "Remote Desktop Access" app, they then get the error.  see attached.

I will look at your other information now.

Thanks
Bob Pahls
RDP-Screens.PNG
0
 
e-Tec_SupportAuthor Commented:
That link doesn't seem to pertain to what I am seeing.

Of interest is if the person that logged in chooses the "Connect to a remote PC" ?tab? at the top of the page, and then enters the "remote.server.com" they get connected with no issues.

Attached is a look at the RemoteApp manager
RemoteApp-view.PNG
0
 
Brad BouchardInformation Systems Security OfficerCommented:
You will have to do what my link says in the section where it is labeled Manual Distribution.  The reason for this is that it creates the .RDP file which your users are seeing on their desktops called Remote Desktop Access.
0
 
e-Tec_SupportAuthor Commented:
Took a couple days vacation. Back o it today. Will try the manual method.
0
 
e-Tec_SupportAuthor Commented:
So here's the problem. The Remote Desktop access "app" is not in my list of RemoteApp programs. So I cannot delete it manually. And the instructions state that the option is no longer available for server2012.

So again, i will ask, How do remove this app from the remote desktop page so I can then re-create it on a Server2012 RDP?
0
 
e-Tec_SupportAuthor Commented:
Here is how I eventually fixed my issue. Under the Remote Desktop Services | Collections I had RemoteDesktop and RemoteApps with one server assigned to each collection. I removed the RemoteDesktop collection and unassigned the server attached to it. This cleared my RDWeb screen of the Remote Desktop Access app that was failing.

Then I added the "free" server to the RemoteApps collection and set load balancing between the 2 servers now in that collection (made more sense to me to utilize the server in this way)

Then I created a new RemoteApp Program  called Remote Desktop Access pointing to mstsc.exe and set parameters to use command line parameters to the server I wanted to remote desktop into. (the server I removed from the remotedesktop collection)

Now I have a pool of 2 servers that share the RemoteApps and still have the Remote Access app to connect to the desktop.

Thanks for the help
Bob Pahls
0
 
e-Tec_SupportAuthor Commented:
Gave the reason for the issue. Gave a good resolution that actually improved performance while still giving the end user all the function of before.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

  • 8
  • 5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now