asked on 2012 R2 RDS Certificate installation
Hello,
I am attempting to install SSL certs for our RDS Farm. Internal domain is domain.local and external site will be portal.company.com
I was wondering what the correct procedure was for deploying the certs to all hosts.
Thanks,
I am attempting to install SSL certs for our RDS Farm. Internal domain is domain.local and external site will be portal.company.com
I was wondering what the correct procedure was for deploying the certs to all hosts.
Thanks,
Windows Server 2012Remote Access
Last Comment
arnold
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
If you are using a private/internal CA then you will be able to create certificates which contain both the internal and external hostnames (and if you like the IP Addresses) of your hosts. If you're using an internal CA then you will need to distribute your root certificate to all of your end users/clients so that they don't receive certificate warnings.
If you are following the commercial CA route, then the best option is to utilize split a DNS solution. Internally, when your users access portal.company.com they will receive a different IP address than if they access it via the Internet. Because SSL certificates are matched on hostname and not IP address, this will solve any potential certificate mismatch issue.