Mundy

IT Knowledge Base

User Tools

Site Tools


ssl_certificates_for_remote_desktop_services

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision
Previous revision
ssl_certificates_for_remote_desktop_services [2017/08/17 11:03]
Dan Mundy created
ssl_certificates_for_remote_desktop_services [2018/04/09 09:56] (current)
Line 1: Line 1:
 ====== SSL Certificates for Remote Desktop Services ====== ====== SSL Certificates for Remote Desktop Services ======
 +
 +<​blockquote>​
 +Recently, all public certificate providers are stopping issuing certificates with ‘.LOCAL’ in them
 +
 +<​cite>​[[https://​blogs.technet.microsoft.com/​askperf/​2014/​01/​24/​certificate-requirements-for-windows-2008-r2-and-windows-2012-remote-desktop-services/​|Certificate Requirements for Windows 2008 R2 and Windows 2012 Remote Desktop Services | Ask the Performance Team Blog]] - also includes good info on wildcard / SAN certificate options</​cite>​
 +</​blockquote>​
 +
 +{{page>​ad&​noeditbutton&​nofooter}}
  
 ===== Install Certificate on Session Host ===== ===== Install Certificate on Session Host =====
Line 13: Line 21:
 Set-WmiInstance -Path $path -argument @{SSLCertificateSHA1Hash="​$Thumbprint"​} Set-WmiInstance -Path $path -argument @{SSLCertificateSHA1Hash="​$Thumbprint"​}
 </​code>​ </​code>​
 +
 +===== Installing certificate on the Gateway =====
 +
 +{{page>​ad&​noeditbutton&​nofooter}}
 +
 +Assuming you have a real (eg GoDaddy) certificate in PFX format (if it's already is mmc, right click in and export, along with private key),
 +
 +There'​s several places where this needs to be imported into the RD Gateway
 +
 +  - In RD Gateway Manager, Right click the server, properties, SSL Certificate tab
 +  - In the Deployment properties, select each role service, "​Select existing certificate",​ "​Choose a different certificate",​ browse to the PFX and enter the password. Do the same for each role service. Use the same certificate for all (suggest a wildcard eg *.mundy.co)
 +
 +
ssl_certificates_for_remote_desktop_services.txt · Last modified: 2018/04/09 09:56 (external edit)