Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

server 2012 certificate

Posted on 2014-10-25
17
Medium Priority
?
1,084 Views
Last Modified: 2014-10-26
I have installed the following cert. as the https (port 443) in my IIS manager in the default website AND in my Remote Desktop Services gateway on server 2012 R2 :
ticktockit-sbs.ticktock.local

When I access from the network:
https://ticktockit-sbs.ticktock.local/RDWeb
I get a vert nofification

I install the certificate in the Root certificate location
I then proceed to the RDWeb access interface and get my icons to launch
When I launch them I get the following:

Your computer can't connect to the remote computer because your computer or device did not pass the Network Access Protection requirements set by your network administrator

Please help
0
Comment
Question by:doctorbill
  • 10
  • 4
  • 3
17 Comments
 
LVL 39

Assisted Solution

by:Mahesh
Mahesh earned 856 total points
ID: 40403849
In RD Gateway Manager console on RD Gateway Server, ensure that resource access policies (RAP) are allowed to all users and all computers \ intended ones
0
 

Author Comment

by:doctorbill
ID: 40403965
where exactly is this please
0
 

Author Comment

by:doctorbill
ID: 40403976
Found it
It is enabled and allowing All Domain users
0
[Webinar On Demand] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

 
LVL 8

Assisted Solution

by:tshearon
tshearon earned 1144 total points
ID: 40404004
What kind of cert did you get? Is it a self signed one or from a trusted public CA? If the cert is good (x.509 that meet the requirements of RD Gateway) then you should install/import it into the personal certificate folder on the local machine I'm sure.

Anyway, this site should help you resolve.

http://technet.microsoft.com/en-us/library/dd320345(v=ws.10).aspx
0
 

Author Comment

by:doctorbill
ID: 40404031
self signed
Still not working
0
 

Author Comment

by:doctorbill
ID: 40404033
I still get this:

Your computer can't connect to the remote computer because your computer or device did not pass the Network Access Protection requirements set by your network administrator

Please concentrate on this message only
0
 
LVL 8

Assisted Solution

by:tshearon
tshearon earned 1144 total points
ID: 40404035
So did you check that article and make sure you have done everything it has asked for self signed certs?
0
 
LVL 8

Accepted Solution

by:
tshearon earned 1144 total points
ID: 40404038
I apologize, I see what you are saying.

Have you checked here to make sure your NAP policy is configured the way you want?

http://technet.microsoft.com/en-us/library/cc732172(v=ws.10).aspx
0
 

Author Comment

by:doctorbill
ID: 40404041
which policy do I need to check - specific please
0
 
LVL 8

Assisted Solution

by:tshearon
tshearon earned 1144 total points
ID: 40404045
It's in the article I posted. Specifically you would start with the system requirements for the TS Gateway NAP scenario. It would be impossible for me to tell you specifically what your issue is because I do not know how you have it configured.
0
 

Author Comment

by:doctorbill
ID: 40404113
This is all configured but I still get the message
0
 
LVL 39

Assisted Solution

by:Mahesh
Mahesh earned 856 total points
ID: 40404115
U have checked that all users are allowed through RAP.
Have you checked that all computers are allowed in RAP policies under RD gateway manager ?
The RAP is nothing but you are accessing NAP policies only, but from RD Gateway manager

Ensure that The name (Common Name) of certificate and RD Gateway FQDN both are same, otherwise you will get errors no matter certificate is self signed \ domain based \ 3rd party

Also you must update RDP client on Win7 Machines to 8.1 version (Latest one)
http://support.microsoft.com/kb/2923545

Check new features of RDP 8.1 client
http://support.microsoft.com/kb/2830477

After client updating check if you are able to connect, it is required to connect to 2012 \ 2012 R2 RDS servers
0
 

Author Comment

by:doctorbill
ID: 40404116
If I access the site on the server it all works fine so it is definitely linked to remote access
0
 

Author Comment

by:doctorbill
ID: 40404123
The RDP client works fine

I am using the web access client:
https://ticktock-sbs/RDWeb
I can log on no problem and get all the remote desktop icons but when I click on them I get the message described above

Sorry - I thought I made that clear in the opening question
0
 
LVL 39

Assisted Solution

by:Mahesh
Mahesh earned 856 total points
ID: 40404256
Login into web access and accessing web app icon is two different things

When you use web app to connect to application hosted on RD Session host server, the requests are routed through RD Gateway server via RDP client

Can you please check RDP client version installed on client machine from where you are accessing RD Web Access URL
Open RDP client and right click top and check what is the version of RDP client
0
 

Author Comment

by:doctorbill
ID: 40404341
version 6.3.9600
0
 

Author Closing Comment

by:doctorbill
ID: 40404759
Many ideas
0

Featured Post

[Webinar On Demand] Database Backup and Recovery

Does your company store data on premises, off site, in the cloud, or a combination of these? If you answered “yes”, you need a data backup recovery plan that fits each and every platform. Watch now as as Percona teaches us how to build agile data backup recovery plan.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

My previous article  (http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2008/A_4466-A-beginners-guide-to-installing-SCCM2007-on-Windows-2008-R2-Server.html)detailed one possible method to get SCCM 2007 installed an…
Know what services you can and cannot, should and should not combine on your server.
As many of you are aware about Scanpst.exe utility which is owned by Microsoft itself to repair inaccessible or damaged PST files, but the question is do you really think Scanpst.exe is capable to repair all sorts of PST related corruption issues?
The Relationships Diagram is a good way to get an overall view of what a database is keeping track of. It is also where relationships are defined. A relationship specifies how two tables connect to each other. As you build tables in Microsoft Ac…

571 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question