Brad212
asked on
Remote Desktop Services Certificate Mismatch
I am setting up a remote desktop services farm, and I'm getting a certificate mismatch when connecting to the session host. The notification says that the requested computer has a local domain, but the certificate on the remote computer is a .com domain. Does anyone know what I'm missing to make this work? It would seem that I have to change the FQDN of each TS to remote.company.com, but I don't know how to do that. Any help is greatly appreciated.
ASKER
These are the details of my deployment: My farm has 4 servers all running Windows Server 2012 R2. One server, let's call it TS-Services, holds 3 roles - RD Web Access, RD Gateway, and RD Connection Broker. The other 3 servers are session hosts. Let's call them TS1, TS2, and TS3. All 4 servers use the same wildcard certificate - *.company.com, and my RD Gateway external FQDN is set to remote.company.com. I believe I had to change the published RDS name of the Connection Broker (TS-Services) from the local FQDN to remote.company.com. However, I can't seem do that on the TSs because they are not connection brokers. My clients are connecting from Windows 7 PCs.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Update: My second screenshot is unrelated. I had neglected to setup a computer group in Remote Desktop Gateway Manager. Once that was I done, I was able to connect to the session hosts.
Ok.
But the certification problem persists?
Did you check the EE link?
But the certification problem persists?
Did you check the EE link?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Great, keep the good work.
Regards
Regards
ASKER
I believe that using RDP 8.0 in conjunction with a Windows Server 2012 R2 RDS farm configured with 3rd party and self-signed certificates is the more modern approach than using SAN certificates. Some SSL cert providers have discontinued SAN certs.
ASKER