Solved

windows server 2012 r2 essentials anywherer access getting message with Remote Desktop.  "this computer can't verify identity of RD gateway"

Posted on 2015-02-12
13
434 Views
Last Modified: 2015-03-24
Windows server 2012 r2 essentials anywhere access.
I configured Anywhere access and had it working for a few weeks.
All of a sudden all users are getting a message when trying to use the remote desktop feature.
The web interface works great.  User can see Shared Folders and Devices.
The Users selects device to connect to, Downloads and saves the RDP file locally and then gets prompted to login.
They enter their credentials and then get the following error during connection.
"this computer can't verify the RD Gateway.  It's not safe to connect to servers that canbe identified. etc etc, etc....."

I have a certificate for the url from cacert.org.   The https works so that should be the certificate is good.
Why do I get this error and what is the best way to resolve the issue.

Thanks
Nick
0
Comment
Question by:nickthecomputerguy
  • 8
  • 5
13 Comments
 

Author Comment

by:nickthecomputerguy
ID: 40605753
I should add to the above  information.  The warning window that pops-up says "Remote Desktop Connection".
A button on the windows says View Certificate.  I view the certificate and it has a warning that "Windows does not have enough information to verify this Certificate".  Certificate Status "The issuer of the certificate could not be found".
Is this a configuration issue with anywhere access or windows certificates or the certificate itself?
0
 
LVL 15

Expert Comment

by:jerseysam
ID: 40605754
Sounds like an SSL issue to me.

I would get a proper SSL certificate from godaddy or someone and set it up again.

See:

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Q_26591243.html

http://www.andrewstechnology.co.uk/reference/tips/44-sbs2011-rd-gateway-cant-verify-error.html
0
 

Author Comment

by:nickthecomputerguy
ID: 40605818
I will give that a try but I am still confused as to why it worked for a few weeks and the the issue started.
0
 
LVL 15

Expert Comment

by:jerseysam
ID: 40605832
Check your external IP has not changed if you are not on a fixed IP maybe?
0
 

Author Comment

by:nickthecomputerguy
ID: 40605869
The IP is static and no changes to ISP since install.  Thanks
0
 

Author Comment

by:nickthecomputerguy
ID: 40606731
I purchased a new SSL certificate pointing to my domain and installed it on the server.
when I login to use the remote desktop I get the same error because it is showing the old certificate.
How do I force the installing of new certificate?

Thanks
Nick
0
[Webinar] Disaster Recovery and Cloud Management

Learn from Unigma and CloudBerry industry veterans which providers are best for certain use cases and how to lower cloud costs, how to grow your Managed Services practice in IaaS clouds, and how to utilize public cloud for Disaster Recovery

 
LVL 15

Expert Comment

by:jerseysam
ID: 40607740
You can change the certificate in the TS Connection manager (tsconfig.msc).  Right click the connection and select properties and at the bottom of the RDP-Tcp Properties window in the general tab you get to choose the certificate, or import a new one.

From post: http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Q_25885451.html
0
 
LVL 15

Expert Comment

by:jerseysam
ID: 40607741
0
 

Author Comment

by:nickthecomputerguy
ID: 40609276
No TSCONFIG in Windows 2012 essentials.
0
 
LVL 15

Accepted Solution

by:
jerseysam earned 500 total points
ID: 40609519
Am not too familiar with essentials.

The certificate guide for 2008 can be found here:

https://technet.microsoft.com/en-us/library/cc754076.aspx

I dont have an essentials machine to try things on i am afraid.

Here are a couple of posts that deal with essentials more directly. Hope they can guide you:

http://blogs.technet.com/b/sbs/archive/2011/08/04/how-to-install-your-existing-certificate-into-sbs-essentials.aspx

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/Windows_Server_2012/Q_28341764.html
0
 

Author Comment

by:nickthecomputerguy
ID: 40650815
I still didn't resolve this issue.
0
 

Author Comment

by:nickthecomputerguy
ID: 40684825
The problem ended up being wrong information in the whois database.  They had old contact information from a long gone
employee and the certificate issuer kept sending a verification email to a deleted email address.  It is working now thanks for your input.
0
 

Author Closing Comment

by:nickthecomputerguy
ID: 40684827
I had to sit and hash it out with support from the certificate authority.
0

Featured Post

[Webinar] Disaster Recovery and Cloud Management

Learn from Unigma and CloudBerry industry veterans which providers are best for certain use cases and how to lower cloud costs, how to grow your Managed Services practice in IaaS clouds, and how to utilize public cloud for Disaster Recovery

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
How to reduce VM disk capacity without losing OS data ? 10 86
RDP in EC2 Shows As Black Screen 8 33
Windows USB 4TB Backup Drive 7 32
Win 7 printing problems 7 9
The article will show you how you can maintain a simple logfile of all Startup and Shutdown events on Windows servers and desktops with PowerShell. The script can be easily adapted into doing more like gracefully silencing/updating your monitoring s…
You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now