none
Publisher of RemoteApp program cannot be identified.

    Question

  • Hello

    First, let me start out with a little background information on my current configuration.  My setup currently includes two servers, both are 2008.  ServerA is the connection broker with a DNS entry for VDI pointing to it.  ServerB is running Hyper-V and has 40 virtual Windows 7 desktops on it which the users connect to.  When a user needs to access one of the virtual computers, he/she will visit https://vdi/rdweb and they are presented with an icon that looks like the RDP icon called Standard Apps.  When they click on that, they get the message "The publisher of this RemoteApp program cannot be identified."  Not sure if it matters but the end users have Windows XP client machines.

    What I am looking to do is eliminate that message for my users.  I know that if it was digitally signed properly I would still get the prompt but at that point I should be able to surpress it.  If I go into the RemoteApp Manager on ServerA, I can see that the Digital Signature Settings is there and it shows it is currently signed as ServerA.domain.local.  However, if I click on it to get more information it tells me that the CA Root certificate is not trusted.  My manager does not want me using self signed certificates and wants me to use the CA that we have in the office.  I have been attempting to this and for whatever reason I have been unable to properly genreate and assign a certificate.  The issue that comes into play with this as well is that none of the guys here are very well versed in certificates.  Despite all of my research and attemtps, I have not been able to figure out how to do this.

    I tried using the local computer certificates snap in on the server and when I attempt to generate a cert from there, it outputs some information to a text file.  When I go to the cert server and attempt to bring that in, I get an errror about being denied.  I tried generating a cert in IIS, installing it into personal and then attempting to use that but it doesn't make the message go away.  I also tried the web version of trying to do it and seems like it works, but just doesn't actually do anything from what I can tell.  I think I am just missing a vital step or I'm doing /naming something wrong.

    My questions to the people of the forums is this :

    1. Is there anything out there that has good, easy instructions on how to generate the required cert?  Obviously the simpler the better since I am not very familiar with this.  Most other things I found either don't use a CA or are not very clear.  Even if it's a step by step on how to setup Remote Desktop Services from beginning to end, as long as it has the info I want.
    2. During all of my testing and playing with this, when I hit change on the digital signature settings and then change again, there are a lot of certs listed there.  Just about all of them are my failed attempts at getting this to work.  Is there a way to clean this up?

    Thank you in advance for any information, links or help you can provide.


    Thursday, April 28, 2011 2:49 PM

Answers

All replies

  • Chickensaur,

    So you have your own CA. What kind of CA is it? Microsoft's? Other?

     

    Also, just FYI, buying a cert to do this (an SSL cert) costs abotu $30. So all is not lost if you can't get your CA to get you one. Your CA just needs to give you a typical SSL cert. If it is a Microsoft CA then I can help you. Let me know,

     


    Hope this helps,

    Kristin L. Griffin

    SUPER BIG fan of the Remote Desktop Virtualization Team!!!) 

    My RDS blog: blog.kristinlgriffin.com

    The new Microsoft Windows Server 2008 R2 Remote Desktop Services Resource Kit is now available!
    Thursday, April 28, 2011 5:22 PM
  • I apologize for not providing that information.  The CA is Microsoft.

    I know you can get a cert from someone like godaddy and that would resolve both of the issues I am having with the certificates.  However, I don't believe my boss wants to go ahead with that only because the site is basically for internal use.  We have small satellite offices in a number of states and each office has one to five PCs.  Eventually we will be using a hardware VPN between them and us but as of now they are "dialing" into our VPN and then using this site.  So there is never any external access to this site or the VDI.  I believe that is the reason my boss wants me to use CA. 

    I'm not even sure they even care if this gets resolved or not.  I think it's just the kind of person I am who wants to get things done right and make sure they look clean.

    Thursday, April 28, 2011 7:28 PM
  • SO this question is not really an RDS question but really "How do I get a cert from a Microisoft CA". Contact me offline at kristin.l.griffin@gmail.com and I will take apek at what you have going on. Getting a cert from a properly functioning CA is easy. I can show you how.
    Hope this helps,

    Kristin L. Griffin

    SUPER BIG fan of the Remote Desktop Virtualization Team!!!) 

    My RDS blog: blog.kristinlgriffin.com

    The new Microsoft Windows Server 2008 R2 Remote Desktop Services Resource Kit is now available!
    Thursday, April 28, 2011 7:35 PM
  • SO this question is not really an RDS question but really "How do I get a cert from a Microisoft CA". Contact me offline at kristin.l.griffin@gmail.com and I will take apek at what you have going on. Getting a cert from a properly functioning CA is easy. I can show you how.
    Hope this helps,

    Kristin L. Griffin

    SUPER BIG fan of the Remote Desktop Virtualization Team!!!) 

    My RDS blog: blog.kristinlgriffin.com

    The new Microsoft Windows Server 2008 R2 Remote Desktop Services Resource Kit is now available!

    Just an update : I sent you the email.  I just wanted to post here in case it got caught in spam or something.
    Thursday, April 28, 2011 8:41 PM
  • Ok I have talked to Chickensaur and due to the strict policies of his company, they cannot allow me in to help them. that is ok, because his question really has to do with getting the CA server to issue an SSL certificate and not really about RDS.

    I have pointed him to the Security forum, where I am sure they can help him with his PKI issue: http://social.technet.microsoft.com/Forums/en-US/winserversecurity/threads


    Hope this helps,

    Kristin L. Griffin

    SUPER BIG fan of the Remote Desktop Virtualization Team!!!) 

    My RDS blog: blog.kristinlgriffin.com

    The new Microsoft Windows Server 2008 R2 Remote Desktop Services Resource Kit is now available!
    Friday, April 29, 2011 9:22 PM