No announcement yet.

HTTPS not working

  • Filter
  • Time
  • Show
Clear All
new posts

  • HTTPS not working


    I just installed a new 2008 server with the terminal services on it. I installed TS, IIS and the gateway all on one system.
    The system is working fine: I'm able to log in by using RDP, HTTP and HTTPS (I forced to used the gateway also for internal addresses).

    I have some problems in using this from outside. I published the site on a ISA 2006 server. If I try to reach it, I'm able to log in, but when I try to launch a published application, I continue to receive the password request.
    I saw an error in the ISA log: it looks like the client is trying to connect to http://terminal/rpc/rpcproxy.dll?localhost:3388, but it get an authentication error (403).
    The first strange thing is that it is trying to connect by using HTTP and not HTTPS. Do you have an idea about this?

    As a not, I have an Outlook HTTPS site published on the same ISA server and it is working fine.

    Thanks so much....


  • #2
    Re: HTTPS not working

    Did you use:
    Best Regards,

    Yuval Sinay

    LinkedIn:, Blog:


    • #3
      Re: HTTPS not working

      Hello. Thanks for the link.

      Yes, I already did all the things suggested in the video.

      The only difference is this:

      the internal server is named TERMINAL, the exposed address is
      The certificate installed on the internal IIS is issued to, the certificate used by the SSL listener is *

      I don't have any error about certificates anyway.

      I'm posting the exact error received in ISA here below:

      Denied Connection ISASERVER 30/01/2009 17.40.50
      Log type: Web Proxy (Reverse)
      Status: 12239 The server requires authorization to fulfill the request. Access to the Web server is denied. Contact the server administrator.
      Rule: TSGateway
      Source: (xx.xx.xx.xx)
      Destination: (xx.xx.xx.xx:443)
      Request: RPC_IN_DATA
      Filter information: Req ID: 088ec902; FBA cookie: exists=no, valid=no, updated=no, logged off=no, client type=unknown, user activity=yes
      Protocol: https
      User: anonymous
      Additional information
      Client agent: MSRPC
      Object source: (No source information is available.)
      Cache info: 0x8 (Request includes the AUTHORIZATION header.)
      Processing time: 1 MIME type:


      • #4
        Re: HTTPS not working

        Hello, I have exactly the same problem.

        1 Server 2008 with TS Gateway role
        1 Isa server 2006.

        I've 3 card on this server
        1 internal
        1 external (for smtp,web, owa,... traffic)
        1 other external just for ts gateway

        From the isa I can connect to the Terminal Servers published, ping the tsgateway server and https://servername.domain.local:443/rpc works fine.

        But on the client pc, the mstsc doesn't work...

        As someone a solution?


        • #5
          Re: HTTPS not working

          1. Please don't use * certificate. Try to use a regular certificate for test.

          2. Please use the information in the link as is.
          Best Regards,

          Yuval Sinay

          LinkedIn:, Blog:


          • #6
            Re: HTTPS not working

            I use not the * certficate.

            I've create a certificate like and create a dns entry in AD to access on the internal network....

            I've seen the video but it's difficult, the resolution is very bad.
            I've 2 difference with this video:
            - I use the same name for my internal and external TS Gaetway server
            - I've not installed TS Web Access (I've not the /ts directory in IIS).


            • #7
              Re: HTTPS not working


              Unfortunately I can not avoid to use the * On the same ISA I have published a sharepoint and an Outlook web site. Since I access these services with different names (,, I can't (or at least I don't know how) do it in a different way.

              But, what is puzzling me is why the connection is made on the HTTP rpc site and not on the HTTPS....