ajthomas12

Certificate Error When Launching App with Remote Desktop Connection

Hello,

When I try to launch an app through remote desktop services it says that the Remote Desktop Gateway server address requested and the certificate subject name do not match.  When I view the certificate the subject name is that of my mail server.  When I look at the certificate path, it is not one of the four I have installed, trusted, and OK on my Remote Desktop Services deployment.

I can't find the cert and I cannot figure out why it's being used instead of the ones I have installed.

We did set up our mail server before setting up our Remote Desktop server.

Any help in fixing this issue is greatly appreciated.

Thanks,
~AJ
Cliff Galiher

Did you set up your gateway on your mail server?  If your mail server offers web services (such as Exchange's OWA), then you'll have issues with both services trying to use port 443.
ajthomas12

ASKER

Yes, we are using Exchange's OWA.

Major bummer that they are conflicting.

Is there any kind of solution for this?

~AJ
Configure both services to use the same name and the same certificate.
I don't want to deal with certs if I can help it.  Would it work to set up Exchange OWA to use a different port other than 443?

~AJ
Still uses certificates. And if you have mobile devices that use EAS, you can't change ports.

Ideally these wouldn't live together anyways and would use different IP addresses and servers (virtualize, etc.), but if you can't, then the only good solution is as suggested.
I am the only eMail web user, but I believe my boss said he got his phone working the other day, so... changing the port may be a bad idea then.

We have them on different VM servers.

One for Remote Desktop Services, one for Exchange, and one for the application I am trying to launch.

It is my understanding, I will try and verify this, that they are coming in on different IPs.

So if I install my wild card Cert *.domain.com in place of my exchange Cert mail.domain.com, that will fix it without breaking anything else?

~AJ
If they are on different servers, different IP addresses, you didn't install your mail cert on your RDS box and you configured your router properly, then you wouldn't be getting your mail server cert. So one of those things isn't true. That's the ONLY way a certificate gets from server to client.
Ok, I will verify the IPs and check the router.  I checked the certs on the RDS VM and they do NOT have the subject of mail.domain.com.  Exchange and the OWA are working correctly.

I will let you know what I find.

Thanks for your help,
~AJ
I should stress that I am specifically referencing the box with the RDGateway role, which can be different than the box (or VM) with the session host role. It doesn't really change what I said. Just wanted that clarity.
Ok, I checked everything out to the best of my ability and found that the router looked correct and all the IPs looked correct.

What I did notice is that the 'Domain' for the 'Work Resources' login page is the same as the 'Domain' for the Exchange OWA login page.  Could this be causing the issue?

I also noticed on the old server we always show a DA or database admin account logged in and connected in Remote Desktop Services -> Collections -> <server name>  in the Connections window.  Could this be part of the problem?

Please let me know when you get a chance what you think.

Thanks,
~AJ
ASKER CERTIFIED SOLUTION
ajthomas12

It turned out to be that our A record, for the path our RDS server was using, on GoDaddy had the wrong IP address assigned.

Thanks for your help.
~AJ
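
A triage of the causes discussed in this thread (the name resolving to the wrong host, the wrong certificate on the gateway itself, or a certificate that does cover the name), as an added example that is not part of the original posts. The gateway name `rds.domain.com`, the 203.0.113.x addresses and the sample certificates are constructed, and `triage` and `fetch` are hypothetical helper names.

```python
import ipaddress, socket, ssl

def cert_names(cert):
    """DNS names from a dict shaped like ssl.SSLSocket.getpeercert()."""
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if sans:  # when SAN entries exist they take precedence over the CN
        return sans
    return [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]

def name_matches(pattern, host):
    """Exact match, or a wildcard covering exactly one left-most label."""
    p, h = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if p.startswith("*."):
        return "." in h and h.split(".", 1)[1] == p[2:]
    return p == h

def triage(gateway, resolved_ips, expected_ip, cert):
    """Classify what a client sees: 'ok', 'dns' (wrong host answers) or 'cert'."""
    names = cert_names(cert)
    if any(name_matches(n, gateway) for n in names):
        return "ok", f"certificate covers {gateway}"
    resolved = {ipaddress.ip_address(i) for i in resolved_ips}
    if ipaddress.ip_address(expected_ip) not in resolved:
        return "dns", (f"{gateway} resolves to {sorted(map(str, resolved))}, "
                       f"expected {expected_ip}; answering host presents {names}")
    return "cert", f"{gateway} reaches {expected_ip}, but that listener presents {names}"

def fetch(gateway, port=443):
    """Live inputs for triage(): addresses this machine resolves and the cert served."""
    ips = sorted({ai[4][0] for ai in socket.getaddrinfo(gateway, port, proto=socket.IPPROTO_TCP)})
    ctx = ssl.create_default_context()
    ctx.check_hostname = False  # chain is still validated; only the name check is skipped
    with socket.create_connection((gateway, port), timeout=5) as sock:
        with ctx.wrap_socket(sock, server_hostname=gateway) as tls:
            return ips, tls.getpeercert()

# Constructed sample data: the mail server's cert and the wildcard cert from the thread.
MAIL_CERT = {"subject": ((("commonName", "mail.domain.com"),),),
             "subjectAltName": (("DNS", "mail.domain.com"),)}
WILDCARD_CERT = {"subject": ((("commonName", "*.domain.com"),),),
                 "subjectAltName": (("DNS", "*.domain.com"),)}

if __name__ == "__main__":
    # The A record points at the mail server (203.0.113.20) instead of the gateway.
    print(triage("rds.domain.com", ["203.0.113.20"], "203.0.113.10", MAIL_CERT))
```

Run `fetch` from outside the network so the lookup uses the public DNS record that remote clients see.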