Replace Self Signed SSL Certificate on W2012 Remote Desktop Gateway with Trusted CA Certs (Network Solutions)

I had my 2012 Remote Desktop Gateway running fine with a self signed cert but it of course required importing the cert into the remote machine.  I wanted to be able to connect from the Internet without having to import a cert.  Purchased a SSL from NWSol but cannot figure how to get it installed.  Network Solutions is not any help.
Everything I can find in the way of docs refers to setting up the Gateway with a self signed cert for testing until you buy one from a trusted CA.  Nothing about when you get one bought.
NW Solutions provided 4 files one named the and 3 others.
Stafford FieldsIT DirectorAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

btanExec ConsultantCommented:
It is more of importing cert (step 2 and 3) into the Gateway since you gotten the 3rd party issued cert
The process of obtaining, importing, and configuring a certificate for RD Gateway server involves the following steps:
1 Obtain a signed certificate that is signed by a trusted certification authority for the RD Gateway server.
2 Import a certificate to the RD Gateway server in the (Local Computer)/Personal Store.
3 Import a certificate to be used by the RD Gateway server.

For NS, you may have received it as several files as mentioned e.g. 'your_domain_com.crt' and intermediate certificates UTNAddTrustServer_CA.crt and NetworkSolutions_CA.crt.  The root certificate AddTrustExternalCARoot.crt may also be provided. You need to install them into the local machine cert store req. Personal store will follow as above and the remaining trusted root, and intermediate ones - see the "Installing Root and Intermediate Certificate installation via MMC" in

in case you need ..."Where can I locate the Network Solutions nsProtect™ Root and Intermediate Certificate Files?"

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Stafford FieldsIT DirectorAuthor Commented:
Thanks... However I did the above and when I go to the RD Gateway Manager, it still shows no SSL cert and if I try to use option 3 to bring in an existing 3rd party cert, it wants a .pfx cert which is the private key portion of the cert.  The ones supplied by NWSOL do not include that...
Or am I missing something?  I will admit... the whole process is fuzzy at best since I dont do this often enough.  I thought I was doing good to create a self signed and make it work but when I got past the testing phase and wanted Internet operation without issues or import of cert first... this is what I ran into.
btanExec ConsultantCommented:
likely the PEM cert is issued for the domain and can try use the convertor to change to pfx (the tool can take in other format to convert ..)
no ssl cert will need to verify if it is installed in the local machine personal store via mmc too..
Stafford FieldsIT DirectorAuthor Commented:
Sorry I didnt do this earlier... I have not had time to actually try the solution but thats the information I needed... I appreciate it!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.