We have the following scenario:
- A plain vanilla 2012R2-based RDS deployment in which we want to use an RD Gateway (wasn't the case so far)
- The local domain named domain.local - public domain domain.com
- A valid wildcard cert for *.domain.com
- Gateway machine is named rdshost.domain.local and session host rdshost.domain.local
We have performed the various setup steps and everything works fine, except that we have a certificate mismatch because the user connecting is redirected by the gateway to rdshost.domain.local (the name of the machine in the local domain), whereas the cert is for domain.local. And obviously we will never have a CA cert for domain.local.
What is the best practice in such circumstances (I guess it is a pretty classic use case)?