Azure VM's running RDS Gateway - SSL configuration

Hi all,

I'm having problems understanding the SSL configuration required in Azure for a RDS deployment. Everything's configured on my VM's and I'm trying to give access to the outside world to the Gateway Server on port 443 using a third party certificate.

I've uploaded the certificate as a PFX to the certificate section on the cloud service, I haven't done anything other then this at this point.

When connecting to the gateway with the RDP client I get the error

"This Computer can't verify the identity of the RD Gateway [Server Name]. It's not safe to connect to connect to servers that's can't be identified. Contact your network administrator for assistance."

This is because when hitting the service it's still using the built in Azure SSL certificate.

I've seen some suggestions that I might need to replace the cert thumbprint ID on the endpoint I've created but all the documentation I can find seems to be on web apps etc. with the config being performed in Visual Studio. Can anyone give me some clear direction on this?

Thanks in advance,

MB
mbaldoAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David Johnson, CD, MVPOwnerCommented:
did you setup azure networking before creating these vm's? on the gateway server you have to open up port 443
Virtual Machine Endpoint in the virtual machine you have to add the ssl certificate and configure the RDP gateway to use it and not here
0
mbaldoAuthor Commented:
Hi,

Thanks for the post, the end point has been created and the third party certificate has been used in the remote desktop/gateway configuration.

When I attempt to connect to port 443 however the certificate that is presented is still the azure certificate.
0
David Johnson, CD, MVPOwnerCommented:
are you using the gateway ip address or the vm's publc ip address? Did you setup networking BEFORE you created the vm's ????
0
Check Out How Miercom Evaluates Wi-Fi Security!

It's not just about Wi-Fi connectivity anymore. A wireless security breach can cost your business large amounts of time, trouble, and expense. Plus, hear first-hand from Miercom on how WatchGuard's Wi-Fi security stacks up against the competition plus a LIVE demo!

mbaldoAuthor Commented:
Yes, I've created a VLAN and all VMs are within a cloud service, I'm connecting to the public IP address of the cloud service. An endpoint has been created on the gateway server on port 443.
0
mbaldoAuthor Commented:
Sorry, turns out it's all my fault!

I'd used the IP of a second cloud service I'd setup in the DNS for the custom domain, corrected this and all working fine. Apologies for any time wasted!
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
mbaldoAuthor Commented:
my mistake, David's suggestion prompted my to check the basics :(
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Azure

From novice to tech pro — start learning today.