lianne143
asked on
Error: The remote computer could not be authenticated due to problems with its security certificate. It may be unsafe to proceed
Hi
We have RDP server installed on windows 2012 on our network and using a link similar as shown below we access our RDP server.
https://desktop.parkview.wales.sch.uk/Rdweb
The SSL certificate had expired a week ago. I had bought the new SSL certificate from the SSl provider and they had emailed me a zip file that contains the SSL and when I extracted, I could see the certificate called “desktop.parkview.wales.sc h.uk. crt” which is now valid till 2020
and also a folder called RootCertificates within the ZIP folder.
When I open this RootCertificates folder, there were two more certificates within this folder called
IntermediateCertificate.cr t – Valid till 2023
RootCertificate.crt – valid till 2031
So went to MMC on the server and imported the IntermediateCertificate.cr t to the
Intermediate Certification Authorities - Certificate folder
and the RootCertificate.crt to the Trusted Root Certification Authorities- Certificate folder
and finally I the desktop.parkview.wales.sch .uk. crt to the personal store as instructed in the
following URL and followed step 1-15 and finally did the site bindings .
https://www.digicert.com/ssl-certificate-installation-microsoft-iis-8.htm
With my condition on the IIS i imported the desktop.parkview.wales.sch .uk. crt by "Complete Certificate Request... as shown on step 5. Not sure if this was correct step to renew the expired SSl certificate.
Now when I RDP
https://desktop.parkview.wales.sch.uk/Rdweb
I get the error that says: The remote computer could not be authenticated due to problems with its security certificate. It may be unsafe to proceed (looks like somewhere i done a mistake) and if I click yes , i am able to connect successfully to my RDP server.
This doesn't seems to look correct and not sure how the validity of certificate says 05/04/2017 ( not sure if it is looking at any other certificate in the store)
When the newly procured and installed certificate desktop.parkview.wales.sch .uk. crt validity is till 2020
Please see the attached snapshot error.
Please i need to sort this any help would be really great!
Please let me know if you need any further information.
Thanks
Cert-errors3.png
We have RDP server installed on windows 2012 on our network and using a link similar as shown below we access our RDP server.
https://desktop.parkview.wales.sch.uk/Rdweb
The SSL certificate had expired a week ago. I had bought the new SSL certificate from the SSl provider and they had emailed me a zip file that contains the SSL and when I extracted, I could see the certificate called “desktop.parkview.wales.sc
and also a folder called RootCertificates within the ZIP folder.
When I open this RootCertificates folder, there were two more certificates within this folder called
IntermediateCertificate.cr
RootCertificate.crt – valid till 2031
So went to MMC on the server and imported the IntermediateCertificate.cr
Intermediate Certification Authorities - Certificate folder
and the RootCertificate.crt to the Trusted Root Certification Authorities- Certificate folder
and finally I the desktop.parkview.wales.sch
following URL and followed step 1-15 and finally did the site bindings .
https://www.digicert.com/ssl-certificate-installation-microsoft-iis-8.htm
With my condition on the IIS i imported the desktop.parkview.wales.sch
Now when I RDP
https://desktop.parkview.wales.sch.uk/Rdweb
I get the error that says: The remote computer could not be authenticated due to problems with its security certificate. It may be unsafe to proceed (looks like somewhere i done a mistake) and if I click yes , i am able to connect successfully to my RDP server.
This doesn't seems to look correct and not sure how the validity of certificate says 05/04/2017 ( not sure if it is looking at any other certificate in the store)
When the newly procured and installed certificate desktop.parkview.wales.sch
Please see the attached snapshot error.
Please i need to sort this any help would be really great!
Please let me know if you need any further information.
Thanks
Cert-errors3.png
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
When I do RDP through https://desktop.parkview.wales.sch.uk/Rdweb , internal to our network or external to our network.
I get this certificate popup:
Issued to : Parkview-RDP-001.domain.Lo cal
Issued by: Parkview-RDP-001.domain.Lo cal
But wondering why the PC are not accepting the following newly installed certificate when remote access.
desktop.parkview.wales.sch .uk. crt
IntermediateCertificate.cr t
RootCertificate.crt
On the RDP server - MMC - Certificate console , I searched through every folder to delete the Parkview-RDP-001.domain.Lo cal and cant find.
I noticed the old expired SSL certificate on the RDP server had .cer file extension, but the newly procured certificates has a file extension of .crt and will this be a problem ?
Please suggest if I can try any thing else to make the PC accept the new certificates.
Thanks
I get this certificate popup:
Issued to : Parkview-RDP-001.domain.Lo
Issued by: Parkview-RDP-001.domain.Lo
But wondering why the PC are not accepting the following newly installed certificate when remote access.
desktop.parkview.wales.sch
IntermediateCertificate.cr
RootCertificate.crt
On the RDP server - MMC - Certificate console , I searched through every folder to delete the Parkview-RDP-001.domain.Lo
I noticed the old expired SSL certificate on the RDP server had .cer file extension, but the newly procured certificates has a file extension of .crt and will this be a problem ?
Please suggest if I can try any thing else to make the PC accept the new certificates.
Thanks
you're looking in the wrong spot it will be either in the connection manager or the remote desktop gateway or remote desktop
ASKER
If I delete this inappropriate certificate from this location , will the client pick up the new SSL certificate.
please redirect all answers/questions to the other similar question you have open.. This question is closed
ASKER
The new certificates were procured from QuoVadis. Please let me know if i have installed the 3 certificates on the relevant folders on the MMC of the server.
Please let me know as how to trouble shot this further.
Thanks