locked
AD RMS Certificate warning while opening AD RMS mgmt console RRS feed

  • Question

  • Hi,

    Can anyone help me to resolve one warining that is being prompted while opening AD RMS Management Console. This is just a warining and it doesn't block me from performing any of the AD RMS related activiteis. Every features just works perfectly fine.

    Warning:The name of the security certificate is not valid or does not match the name of the site

    I tried every possible ways that i thought of doing such as i created a self signed certificate with the FQDN of the RMS cluster, but the warning still exists.

    Thanks & Regards

    Pradeesh

    Tuesday, May 3, 2011 9:47 AM

Answers

All replies

  • hy,

    in my case i had to put the hostnames from all the nodes AND the Clustername on the certificate.

    example:

    node1

    node1.FQDN

    node2

    node2.FQDN

    Clustername

    Clustername.FQDN

     

    hope i could help

    greetings

    Daniel


    • Proposed as answer by AZaloum90 Monday, April 13, 2020 2:42 AM
    Wednesday, May 4, 2011 4:33 PM
  • Hi

    Can you check via the IIS console, for the HTTPS binding, which certificate is connected to the Default Website? Probably the wrong certificate is binded to the port, thats why you might be getting the warning.

     

     


    Blog Link: http://blogs.cyquent.ae | Follow us on Twitter: @cyquent

    Thursday, May 5, 2011 12:53 PM
  • Hey Danie,

    In my case i've created a self signed certificate for the RMS cluster. The RMS cluster is configured in Windows NLB and the certificate is created with the virtual name of the cluster and the RMS cluster is also having the same name as the FQDN of the virtual host name.

    Regards,

    Pradeesh

    Saturday, May 7, 2011 1:09 PM
  • Hey Adnan,

    As you said I checked my IIS console for the HTTPS bindings and found it was properly binded to the self signed certificate that i had created. As Danie suggested may be its because of the certificate name, since i have included only the FQDN of the NLB virtual name and not the node1 and node2 names.

    Pradeesh

    Saturday, May 7, 2011 1:15 PM
  • Hi

    Sorry, did you manage to resolve this one? IMO this error has nothing to do with the SSL cert for the RMS Intranet URL


    Blog Link: http://blogs.cyquent.ae | Follow us on Twitter: @cyquent

    Tuesday, May 10, 2011 7:31 PM
  • Not yet. Is there any issue if the error rmains unresolved. Any compliance issue or any such threats.

    Regards,

    Pradeesh

    Thursday, May 12, 2011 2:19 PM
  • Here is what you are experiencing: http://support.microsoft.com/kb/896861.  On AD RMS cluster nodes, you can disable the loopback check as described in that article.  Set the following registry value to disable the loopback check.

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\DisableLoopbackCheck=1 (DWORD)

    Tuesday, April 17, 2012 6:06 PM
  • THIS is correct.  I had the same problem on a 2016 server.  If you request the cert from a CA, you need to use the Web Server Template, duplicate it, then when you request for that server, you must input the common name as the RMS FQDN, and then in the Subject Alternative names, you have to input:

    all of the node names

    all of the node name FQDNs

    RMS Cluster Name (in my case it was just "RMS")

    RMS Cluster FQDN

    Without all of this info you can't manage the ADFS Cluster storage.

    Monday, April 13, 2020 2:44 AM
  • This is NOT correct.  Also link is broken

    Monday, April 13, 2020 2:45 AM