Solved

Remote Desktop Services Certificate Mismatch

Posted on 2015-01-05
9
298 Views
Last Modified: 2015-01-11
I am setting up a remote desktop services farm, and I'm getting a certificate mismatch when connecting to the session host. The notification says that the requested computer has a local domain, but the certificate on the remote computer is a .com domain. Does anyone know what I'm missing to make this work? It would seem that I have to change the FQDN of each TS to remote.company.com, but I don't know how to do that. Any help is greatly appreciated.
0
Comment
Question by:Brad212
  • 6
  • 3
9 Comments
 

Author Comment

by:Brad212
Comment Utility
Screenshot of the certificate mismatch notification
0
 

Author Comment

by:Brad212
Comment Utility
These are the details of my deployment: My farm has 4 servers all running Windows Server 2012 R2. One server, let's call it TS-Services, holds 3 roles - RD Web Access, RD Gateway, and RD Connection Broker. The other 3 servers are session hosts. Let's call them TS1, TS2, and TS3. All 4 servers use the same wildcard certificate - *.company.com, and my RD Gateway external FQDN is set to remote.company.com. I believe I had to change the published RDS name of the Connection Broker (TS-Services) from the local FQDN to remote.company.com. However, I can't seem do that on the TSs because they are not connection brokers. My clients are connecting from Windows 7 PCs.
0
 

Author Comment

by:Brad212
Comment Utility
This is the notification that appears when trying to connect externally over the internet.
0
 
LVL 12

Assisted Solution

by:David Paris Vicente
David Paris Vicente earned 100 total points
Comment Utility
Hi,

You can find here in EE an answer to a similar problem.

If you continue to struggle with the problem let us know.


Hope it helps.

D.
0
Highfive Gives IT Their Time Back

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:Brad212
Comment Utility
Update: My second screenshot is unrelated. I had neglected to setup a computer group in Remote Desktop Gateway Manager. Once that was I done, I was able to connect to the session hosts.
0
 
LVL 12

Expert Comment

by:David Paris Vicente
Comment Utility
Ok.

But the certification problem persists?
Did you check the EE link?
0
 

Accepted Solution

by:
Brad212 earned 0 total points
Comment Utility
Thanks for you comment. While the post you referenced is similar, I found a different solution. The other post recommends a SAN certificate, but because I had already purchased a wildcard cert - as most of the documentation I found online suggested, I was reluctant to change the cert. After some digging I found that RDP 8.0 (included with Windows 8) somehow works around the problem and doesn't present the certificate mismatch notification. My solution will be to update my Windows 7 clients to RDP 8.1 which is the latest version. Hopefully this will help someone else save some time and effort.
0
 
LVL 12

Expert Comment

by:David Paris Vicente
Comment Utility
Great, keep the good work.

Regards
0
 

Author Closing Comment

by:Brad212
Comment Utility
I believe that using RDP 8.0 in conjunction with a Windows Server 2012 R2 RDS farm configured with 3rd party and self-signed certificates is the more modern approach than using SAN certificates. Some SSL cert providers have discontinued SAN certs.
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Join & Write a Comment

The reason that corporations and businesses use Windows servers is because it supports custom modifications to adapt to the business and what it needs. Most individual users won’t need such powerful options. Here I’ll explain how you can enable Wind…
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
In this Micro Tutorial viewers will learn how to use Boot Corrector from Paragon Rescue Kit Free to identify and fix the boot problems of Windows 7/8/2012R2 etc. As an example is used Windows 2012R2 which lost its active partition flag (often happen…
In this Micro Tutorial viewers will learn how to restore single file or folder from Bare Metal backup image of their system. Tutorial shows how to restore files and folders from system backup. Often it is not needed to restore entire system when onl…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now