
I am having an issue setting up Remote Web in SBS 2011 Essentials. Everything works except Remote Desktop, which keeps giving me SSL cert errors. Is there a way to override the TS Gateway's decision to not allow cert errors?

If not, the specific error I am getting is that Remote Desktop is trying to connect using the DNS short name of our domain controller, but the certificate uses the FQDN, and as such, it reports an error and the connection never happens.

Any ideas?

codewario
  • Is it a valid certificate from a real certificate authority? – gravyface May 24 '11 at 23:19
  • No, self-signed. – codewario May 25 '11 at 13:00
  • Buy a real certificate. I never had success with SBS 2008+ using self-signed certificates and getting a domain-validated certificate should be less than $50 USD annually. – gravyface May 25 '11 at 18:15
  • Well, buying one would take me convincing my boss that an optional component is worth purchasing. Either way, I think I know how to solve it, but I've got to wait till the weekend to try anything else. – codewario May 26 '11 at 04:16
  • Tell him without one, he's susceptible to man-in-the-middle attacks and this ensures that he's connecting to the right place... and it's 40 bucks a year, seriously. How much is your time worth? – gravyface May 26 '11 at 12:10
  • This is true, though regardless I would still like to know how to make this work with a self-signed certificate for knowledge's sake. If the functionality is there then I want to know exactly how to make it work, even if there are other easier solutions out there. – codewario Jun 03 '11 at 17:41

1 Answer

Wouldn't a better solution be to RDP to the server using the FQDN?

joeqwerty
  • No, he's talking about Remote Web Workplace which, after domain authentication (and certificate validation), will proxy an RDP session over SSL. tcp 3389 is not open at all on the firewall. – gravyface May 24 '11 at 23:18
  • I shouldn't need to forward port 3389 with this configuration, RWW uses a TS Gateway which needs 443 and 80 to work properly. – codewario May 25 '11 at 13:07
  • Also, TCP 3389 would only allow 1 computer to be accessed. RWW would allow any computer to be RDP'ed into. – servermanfail Feb 11 '12 at 18:56
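
Added example, not part of the original thread: a simplified RFC 6125-style name check of the kind a TLS client applies, showing why connecting by the short name fails against a certificate issued for the FQDN. The host names and the `CERT_NAMES` list are constructed placeholders, and the function names are this example's own.

```python
from __future__ import annotations

# Simplified hostname-vs-certificate matching (RFC 6125 style).
# All host and domain names here are constructed placeholders.


def _normalize(name: str) -> str:
    # DNS names compare case-insensitively; a trailing root dot is ignored.
    return name.strip().rstrip(".").lower()


def name_matches(pattern: str, host: str) -> bool:
    """True if one DNS name from the certificate covers the name the client used."""
    p_labels = _normalize(pattern).split(".")
    h_labels = _normalize(host).split(".")
    if len(p_labels) != len(h_labels):
        # "dc01" has one label, the FQDN has four: the short name can never match.
        return False
    if p_labels[0] == "*":
        # A wildcard stands for exactly one left-most label and needs at
        # least two fixed labels after it ("*.com" is rejected).
        return (
            len(p_labels) >= 3
            and h_labels[0] != ""
            and p_labels[1:] == h_labels[1:]
        )
    return p_labels == h_labels


def check_connection(host: str, cert_names: list[str]) -> tuple[bool, str]:
    """Return (ok, reason) for connecting to `host` with a cert listing `cert_names`."""
    for name in cert_names:
        if name_matches(name, host):
            return True, f"{host!r} is covered by certificate name {name!r}"
    listed = ", ".join(cert_names)
    return False, f"{host!r} is not in the certificate (names: {listed})"


# Constructed sample: a certificate issued only for the server's FQDN.
CERT_NAMES = ["dc01.corp.example.com"]

if __name__ == "__main__":
    for host in ("dc01", "dc01.corp.example.com", "DC01.Corp.Example.com."):
        ok, reason = check_connection(host, CERT_NAMES)
        print("OK  " if ok else "FAIL", reason)
```

The check only passes when the name the client connects with equals a name listed in the certificate, so either the client must use the FQDN or the certificate must be issued for the name the client actually uses.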