Windows 2012 RDSH cert issue
Hi,
I am seeing a strange issue on a Windows Server 2012 RDS deployment.
The setup is:
2 x management servers running gateway, RDWeb and HA session broker
3 x RDSH servers
All certs are from the internal PKI (URLs and FQDNs are correct)
The issue I am seeing is when using Windows XP machines to access apps published in the RDWeb site, I am getting:
“The connection has been terminated because an unexpected server authentication certificate was received from the remote computer”.
This error seems to be related to the CRL of the certs. Using certutil I am able to access the CRL.
Windows 7 computers work with the deployment above but have a CRL error:
“A revocation check could not be performed for the certificate”
This can be bypassed, and the apps are accessible. Again, certutil can access the CRL.
I have done the usuals:
Ensure the root CA is installed in the computer's Trusted Root CA store
Manually download and apply the CRL
Verify the CRL is accessible
Cut new certs
Ensure the computer names and aliases are in the SANs
Forced use of the gateway server
Bypassed the gateway server
Removed servers, leaving 1 server running the components (RD GW, RD CB, RDWeb and RDSH)
Any thoughts?
Thanks,
Ciaran
Hi,
Sorry for the delay in updating the forum. The issue seems to have “resolved itself”. A call was opened with MS to make sure there was nothing untoward happening and the configuration was as it should have been.
The point to note here is on certificates. In the end MS recommended a 3rd party CA cert for the gateway, also used for the connection broker and application publisher. This goes against what they recommend in their documents as a supported configuration.
Also, apparently it is not supported to manually change the certificate on the Windows Server 2012 Remote Desktop Session Host service. This is why they have removed the MMC snap-in for management. That said, there is no TechNet article stating that.
So in summary: do not touch the RD SH certs, leave them as self-signed certs, and use the same SAN certificate for the gateway, web services, app signing and RD connection broker.
Ciaran
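
The end state summarised in the last post, as an added example that is not part of the original thread: one SAN certificate applied to the gateway, web access, connection broker and publishing roles with the RemoteDesktop module's `Set-RDCertificate`, then checked with `Get-RDCertificate`, while the RDSH listener certificates are left alone. The broker FQDN and PFX path are placeholders, and the script assumes it is run elevated on a Windows Server 2012 management server.

```powershell
# Added example. $Broker and $PfxPath are placeholders, not values from the thread.
Import-Module RemoteDesktop

$Broker  = 'rdcb.example.internal'     # placeholder: active RD Connection Broker FQDN
$PfxPath = 'C:\certs\rds-san.pfx'      # placeholder: SAN certificate exported with its private key
$PfxPass = Read-Host -AsSecureString -Prompt 'PFX password'

# The four deployment roles that take a certificate:
#   RDGateway    - RD Gateway
#   RDWebAccess  - RD Web Access
#   RDRedirector - RD Connection Broker (single sign-on)
#   RDPublishing - RD Connection Broker (signing of published apps / .rdp files)
# RD Session Host is deliberately absent: its self-signed certificate is not touched.
$Roles = 'RDGateway', 'RDWebAccess', 'RDRedirector', 'RDPublishing'

foreach ($Role in $Roles) {
    Set-RDCertificate -Role $Role `
                      -ImportPath $PfxPath `
                      -Password $PfxPass `
                      -ConnectionBroker $Broker `
                      -Force
}

# Read back what the deployment now reports for each role.
$Certs = @(Get-RDCertificate -ConnectionBroker $Broker)
$Certs | Format-Table Role, Level, ExpiresOn, Subject, Thumbprint -AutoSize

# All four roles should report the same thumbprint if the same SAN cert was applied.
$Thumbprints = @($Certs | Select-Object -ExpandProperty Thumbprint -Unique)
if ($Thumbprints.Count -ne 1) {
    Write-Warning "Roles are not all using the same certificate: $($Thumbprints -join ', ')"
}

# Flag a certificate that is already expired or expires within 30 days.
$Certs | Where-Object { $_.ExpiresOn -lt (Get-Date).AddDays(30) } | ForEach-Object {
    Write-Warning "$($_.Role) certificate expires on $($_.ExpiresOn)"
}
```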