Please Read: Significant Update Planned, Migrating Forum Software This Month

See more
See less

RWW - certificates on client PCs

  • Filter
  • Time
  • Show
Clear All
new posts

  • RWW - certificates on client PCs

    It's not something I've ever really been concerned about before, but a new client has raised the following issue.

    when connecting to RWW, then selecting an internal computer to RDP to, it pops up a certificate for the internal computer. This is a self-signed certificate, issued by the CA for the domain, with a subject name of clientA.domain.local

    The SSL certificate bound on the interface is a standard normal SSL cert (not a UCC) for and works fine.

    when the clients try to connect from home, or whereever else, they get the certificate popup and they'd like to not get that.

    first option is obviously to get them to deploy the certificate (and I know there's a package do to this) but if they're always working from odd locations, they can't really do it everywhere.

    So, I was wondering if I can use Group Policy to tur off the certificate requirement for RDP on client workstations.. ?
    Please do show your appreciation to those who assist you by leaving Rep Point

  • #2
    Re: RWW - certificates on client PCs

    Pretty sure the only ways around this are to deploy the package, or switch to using a trusted third-party certificate instead of the self-issued at the server end.
    BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
    Cruachan's Blog


    • #3
      Re: RWW - certificates on client PCs

      Then it is working the way it should. Do you really want them working from all kinds of "odd locations" where you are not sure that the computers thay are using are clean and comply with your organisation standards.
      If you do, then issue them with USB keys that have the certificate installation package on them - a few clicks, but IMHO you are leaving yourself open to security and/or virus problems.

      Steven Teiger [SBS-MVP(2003-2009)]
      Iím honoured to have been selected for the SMB 150 list for 2013. This is the third time in succession (no logo available for 2011) that I have been honoured with this award.

      We donít stop playing because we grow old, we grow old because we stop playing.