Solved

Server 2012 R2 RDWEB SSL Issue

Posted on 2014-10-14
1
590 Views
Last Modified: 2014-10-14
I currently have a 2012 R2 server confgured to deploy apps using RDWEB.  Apps are published and working both internally and externally.  I have purchased and installed an SSL cert. from GoDaddy as well.

We are using split-brain DNS... Internal domain ends in .LOCAL and external domain ends in .COM.

When accessing the RDWEB page all is well...  The site uses the external name and SSL cert properly.

The issue is once logged into the site, and I launch an app I get the following dialogue box in attachment 1.  Then I get prompted for Username and Password, and then I get the dialogue box pop up in attachment 2.

If you notice the external name is there on attachment 1, and the internal name is there on attachment 2.....

External: apps.xxx.com
Internal: rds1.xxx.local

ATTACHMENT 1
ATTACHMENT 2
So the 2 questions are:

How can I get rid of the 2 dialogue boxes referring to SSL?

Why is it prompting me for Username and password when I launch an app AFTER I already successfully logged into the site?
0
Comment
Question by:BSModlin
1 Comment
 
LVL 56

Accepted Solution

by:
Cliff Galiher earned 500 total points
ID: 40380185
If your AD name is .local then there is no way to eliminate the dialog boxes from any/all non-corporate devices. The issue here is that later RDP clients verify the internal server is who it says via SSL, and since the internal server name is .local, that is what is presented. Further, publicly trusted SSL certificates will no longer allow .local names (rightly) so you have this situation where you can't create a reliable trust.

You can always create an SSL cert from an internal CA and you can then distribute the trusted root cert, but only devices that have had the trusted root cert installed will present without the dialog box. This is also the reason for the repeated prompts. The untrusted nature prevents the authentication token from being automatically delegated through.
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now