Applied a public cert to RD Gateway but I'm getting a local server name conflict

  • Question

  • Hi All,

    I've applied a wildcard cert (from GoDaddy) to my RD Gateway and I can connect through fine but I get an error when connecting:

    The server name on the certificate is incorrect.

    I get that this is because I'm using the local server name when connecting through the RDGW, but the RDGW name is correct and the cert should work.

    So by that I mean: 

    server.local is the local server name I'm using in the RD Client
    RDGW.publicdomain.com is what I'm using for the RD Gateway

    The error shows:

    Requested remote computer: server.local
    Name in the cert: *.publicdomain.com

    Any ideas why it's mismatching?

    Thanks,

    Tom


    Tom

    Tuesday, September 15, 2015 8:33 PM

Answers

  • Hi Tom,

    1. Please change the published FQDN for your RDS deployment using the cmdlet below:

    Change published FQDN for Server 2012 or 2012 R2 RDS Deployment

    https://gallery.technet.microsoft.com/Change-published-FQDN-for-2a029b80

    The name you change it to should have a DNS A record (in your internal DNS server) pointing to your RD Connection Broker's private IP address.  So instead of server.local as shown in your example it could be server.publicdomain.com.

    2. In RD Gateway Manager, Properties of the RD RAP, Network Resource tab, please select Allow users to connect to any network resource.  Later you can create an RDG local group with all the required names added to it and select to use it instead if you want.

    After making the above changes please refresh the RDWeb page and test.  When launching a RemoteApp you should see Remote computer: server.publicdomain.com and Gateway server: rdgw.publicdomain.com showing in the prompt.

    I would appreciate it if you would rate the above cmdlet (hopefully 4-5 stars) once you have everything working.  Please let me know if you have any questions.

    Thanks.

    -TP


    • Edited by TP []MVP Wednesday, September 16, 2015 6:11 AM
    • Proposed as answer by Amy Wang_ Monday, October 5, 2015 10:12 AM
    • Marked as answer by Amy Wang_ Wednesday, October 7, 2015 5:25 AM
    Wednesday, September 16, 2015 6:10 AM
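
Added example (not part of the thread or of the linked script): a PowerShell check of which of the thread's names a `*.publicdomain.com` certificate can cover under the standard wildcard rule, where `*` stands for exactly one left-most label. `Test-CertNameMatch` is a hypothetical helper, and the last two names in the list are constructed to show the rule's limits.

```powershell
# Hypothetical helper: does any certificate name cover the host name?
function Test-CertNameMatch {
    param(
        [Parameter(Mandatory)][string]   $HostName,   # name the client connects to
        [Parameter(Mandatory)][string[]] $CertNames   # subject CN / SAN DNS names
    )
    $hostLabels = $HostName.TrimEnd('.').ToLowerInvariant().Split('.')
    foreach ($name in $CertNames) {
        $certLabels = $name.TrimEnd('.').ToLowerInvariant().Split('.')
        # A wildcard stands for exactly one label, so label counts must agree.
        if ($certLabels.Count -ne $hostLabels.Count) { continue }
        $match = $true
        for ($i = 0; $i -lt $certLabels.Count; $i++) {
            # '*' is honoured only as the whole left-most label.
            if ($i -eq 0 -and $certLabels[0] -eq '*') { continue }
            if ($certLabels[$i] -ne $hostLabels[$i]) { $match = $false; break }
        }
        if ($match) { return $true }
    }
    return $false
}

$certNames = @('*.publicdomain.com')   # name in the cert, as shown in the error

# Names the RD client validates, taken from the thread unless marked constructed.
$targets = [ordered]@{
    'Gateway server'                    = 'RDGW.publicdomain.com'
    'Remote computer (before change)'   = 'server.local'
    'Remote computer (after change)'    = 'server.publicdomain.com'
    'Two labels deep (constructed)'     = 'server.corp.publicdomain.com'
    'Bare domain (constructed)'         = 'publicdomain.com'
}

foreach ($role in $targets.Keys) {
    [pscustomobject]@{
        Role               = $role
        Name               = $targets[$role]
        CertificateMatches = Test-CertNameMatch -HostName $targets[$role] -CertNames $certNames
    }
}
```

Only the gateway name and the renamed remote computer report `True`; `server.local` fails because no label of it lies under `publicdomain.com`, which is the mismatch the client reports.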

All replies

  • Can you confirm the wildcard cert is installed on all RDS servers?
    Tuesday, September 15, 2015 11:49 PM