windows server 2012 r2 essentials anywherer access getting message with Remote Desktop. "this computer can't verify identity of RD gateway"

Windows server 2012 r2 essentials anywhere access.
I configured Anywhere access and had it working for a few weeks.
All of a sudden all users are getting a message when trying to use the remote desktop feature.
The web interface works great.  User can see Shared Folders and Devices.
The Users selects device to connect to, Downloads and saves the RDP file locally and then gets prompted to login.
They enter their credentials and then get the following error during connection.
"this computer can't verify the RD Gateway.  It's not safe to connect to servers that canbe identified. etc etc, etc....."

I have a certificate for the url from cacert.org.   The https works so that should be the certificate is good.
Why do I get this error and what is the best way to resolve the issue.

Thanks
Nick
nickthecomputerguyAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

nickthecomputerguyAuthor Commented:
I should add to the above  information.  The warning window that pops-up says "Remote Desktop Connection".
A button on the windows says View Certificate.  I view the certificate and it has a warning that "Windows does not have enough information to verify this Certificate".  Certificate Status "The issuer of the certificate could not be found".
Is this a configuration issue with anywhere access or windows certificates or the certificate itself?
0
jerseysamCommented:
Sounds like an SSL issue to me.

I would get a proper SSL certificate from godaddy or someone and set it up again.

See:

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Q_26591243.html

http://www.andrewstechnology.co.uk/reference/tips/44-sbs2011-rd-gateway-cant-verify-error.html
0
nickthecomputerguyAuthor Commented:
I will give that a try but I am still confused as to why it worked for a few weeks and the the issue started.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

jerseysamCommented:
Check your external IP has not changed if you are not on a fixed IP maybe?
0
nickthecomputerguyAuthor Commented:
The IP is static and no changes to ISP since install.  Thanks
0
nickthecomputerguyAuthor Commented:
I purchased a new SSL certificate pointing to my domain and installed it on the server.
when I login to use the remote desktop I get the same error because it is showing the old certificate.
How do I force the installing of new certificate?

Thanks
Nick
0
jerseysamCommented:
You can change the certificate in the TS Connection manager (tsconfig.msc).  Right click the connection and select properties and at the bottom of the RDP-Tcp Properties window in the general tab you get to choose the certificate, or import a new one.

From post: http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Q_25885451.html
0
nickthecomputerguyAuthor Commented:
No TSCONFIG in Windows 2012 essentials.
0
jerseysamCommented:
Am not too familiar with essentials.

The certificate guide for 2008 can be found here:

https://technet.microsoft.com/en-us/library/cc754076.aspx

I dont have an essentials machine to try things on i am afraid.

Here are a couple of posts that deal with essentials more directly. Hope they can guide you:

http://blogs.technet.com/b/sbs/archive/2011/08/04/how-to-install-your-existing-certificate-into-sbs-essentials.aspx

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2012/Q_28341764.html
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
nickthecomputerguyAuthor Commented:
I still didn't resolve this issue.
0
nickthecomputerguyAuthor Commented:
The problem ended up being wrong information in the whois database.  They had old contact information from a long gone
employee and the certificate issuer kept sending a verification email to a deleted email address.  It is working now thanks for your input.
0
nickthecomputerguyAuthor Commented:
I had to sit and hash it out with support from the certificate authority.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2012

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.