Announcement

Collapse
No announcement yet.

remoteapp ssl

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • remoteapp ssl

    hi, trying to add a go daddy digital cert to the ts remoteapp deployment settings. have imported the .crt and the .p7b files into the personal store.
    get the attached error.
    this is a renewal of a previous cert which installed without the error.
    Can anyone assist as to why this is happening?
    Attached Files
    Last edited by Josh 2009; 10th October 2011, 07:53. Reason: more info

  • #2
    Re: remoteapp ssl

    Hello Josh...

    What have you tried to get it working?
    Waht type of Server is it?

    Apperently you did not type the first line of the the error message into google, so I am not helping you.

    But here is a hint... the click here and learn how to google ffs.

    http://lmgtfy.com/?q=The+configured+...+valid+for+RDP

    For the Love of all that is good and humane, PLEASE TRY GOOGLE BEFORE WASTING OUR TIME!!!!

    Otherwise, we might stop helping.

    Wofen
    Good to be back....

    Comment


    • #3
      Re: remoteapp ssl

      I have googled 'The configured digital certificate is not valid for RDP'

      Windows 2008 Standard Terminal Server.

      I imported the SSL cert into the Local Machine's "Personal" certificate store. The MMC Certificates snap-in says it's valid.

      When I configure the RemoteApp options, I can see and select the cert on the Digital Signature tab of the RemoteApp Deployment Settings.

      When I press "OK", I get this multi-paragraph error dialog box that says the cert can't be used to sign RDP files:

      "The configured digital certificate is not valid for RDP files, or the certificate is not installed on this computer.

      Comment


      • #4
        Re: remoteapp ssl

        Please create a new SAN certificate with the following spec:

        1. Common name: servername.domain.local
        SAN: servername

        2. Key Usage extension:

        Code Signing (1.3.6.1.5.5.7.3.3) and Server Authentication (1.3.6.1.5.5.7.3.1)

        3. Set the new certiifcate to be used by the RDP on the server + reboot the server.

        http://technet.microsoft.com/en-us/l...73(WS.10).aspx

        bdw... dp you use certificate from a trusted Root CA (The server + clients should trsut the Root CA)?!
        Last edited by yuval14; 12th October 2011, 19:00.
        Best Regards,

        Yuval Sinay

        LinkedIn: https://www.linkedin.com/in/yuval14, Blog: http://blogs.microsoft.co.il/blogs/yuval14

        Comment


        • #5
          Re: remoteapp ssl

          I don't know if this is thread hijacking but I also have a question about SSL for Remoteapps. I have RDS installed on a DC in a server 2008 R2 environment. The FQDN of the server was set to server.domain.local but I want to publish remoteapps with a self signed cert. The remoteapp has the FQDN that an external client would connect to (I made a DNS entry and mine is server.mydomainname.com). For some reason even after installing the cert into the trusted root it continues not to work. Maybe because the FQDN of the server is set to the local address and they are connecting externally. So I made an entry into the hosts file that server.domain.local should point to the external IP address and now it works (still asks once to confirm that the security cert wasn't issued by a trusted authority, but at least they can access the remoteapp). I'd like to either get a cert from godaddy, or for now, self sign a cert and install it on each remote workstation.

          I'm not sure what the next step should be...change the FQDN of the DC? Is that an easy process? Or can I just change something in II7?

          Thanks

          Comment


          • #6
            Re: remoteapp ssl

            RDS should not be used on DC.
            Best Regards,

            Yuval Sinay

            LinkedIn: https://www.linkedin.com/in/yuval14, Blog: http://blogs.microsoft.co.il/blogs/yuval14

            Comment


            • #7
              Re: remoteapp ssl

              Originally posted by yuval14 View Post
              RDS should not be used on DC.
              I hear you, but unfortunately our operation cannot afford a separate DC and this is how it is setup. Can you provide insight into the problem?

              Thanks

              Comment


              • #8
                Re: remoteapp ssl

                BUMP

                Does anyone have any ideas? I'd really like to get a proper SSL Cert on there so the users aren't prompted each time.

                Thanks

                Comment


                • #9
                  Re: remoteapp ssl

                  I'm not trying to be annoying, but I really want to get a proper SSL cert installed. I have a server with a "full computer name" of "server10.domain.local" and a domain name of "domain.local". This server acts as both a Domain Controller and as a Terminal Server. I know it is not recommended, but we are doing RemoteApp only and no one has access to anything but the RemoteApp which cannot access the system at all.

                  Please, I need help how to secure this server with a proper SSL Cert being that I names the FQDN already as a local name.

                  Thanks

                  Comment

                  Working...
                  X