Install GoDaddy SSL certificate Remote Desktop Services
5 Replies· · ·
Habanero
OP
jrp78
This person is a verified professional.
Verify your account
to enable IT peers to see that you are a professional.
Windows Server expert
69 Best Answers
219 Helpful Votes
Where did you generate the CSR? on the RDS server? If so have you completed the cert request with the new cert?
Show Server manager > Remote Desktop Services > Overview You will need to go into IIS and add a binding for the address you want to use(rds.company.com for example) and use the cert.
1
· · ·
Sonora
OP
devinsantillanes
Jan 20, 2020 at 22:26 UTC
I just generated the new CSR from the server IIS (with the correct information, CN as my wildcard domain name) I imported the certificate into IIS with installing the intermediate certification authority certificate as well. Right now the RDWeb is on the default site, can I change that to use my new domain that I bought from godaddy? Also, I have two companies in the same building that both have servers that have DNS servers on them for different domains. These DNS servers are not separated on the network at all currently. Would I add an A record in both of these servers for the hostname?
0
· · ·
Habanero
OP
jrp78
This person is a verified professional.
Verify your account
to enable IT peers to see that you are a professional.
Windows Server expert
69 Best Answers
219 Helpful Votes
1. Yes, that is what I meant by adding the binding in IIS.
0
· · ·
Tabasco
OP
m@x
Jan 21, 2020 at 04:15 UTC
Make sure that internal clients can locate servername.companyname.com that is pointing to your internal resource that is actually servername.company.local. 1) Identify which DNS server is being used by external clients when they connect via VPN. Let's say it's the Active Directory DNS on DC. Then create a new Forward Lookup Zone "servername.companyname.com" (yes, include the servername in the zone name). Then create a Host A record inside: leave the name blank, just enter the IP address of your RDS server. Run a test from a client connected over VPN if it can resolve the servername.companyname.com. Then: 2) Make sure to add the certificate to all entries under your RDS deployment properties. 3) Your connection broker role might continue using its local FQDN when replying to incoming remote connections, so you'll need to change it using powershell: Text
Set-RDClientAccessName -ConnectionBroker "servername.company.local" -ClientAccessName "servername.companyname.com"
HTH.
1
· · ·
Tabasco
OP
m@x
Jan 22, 2020 at 03:56 UTC
No, it is not unsafe. But this is different from what you wanted to accomplish in first place. Your clients were connecting to RDS internally, while on VPN, no? To configure external access to RemoteApps etc without VPN, you need to change your deployment strategy. RD Gateway server must be used to secure and monitor incoming connections. It will be listening on 443 and relaying to Connection Broker over 3389. You either configure forwarding on the firewall WANIP:pickaport ---> Gatewayserver:443. Or, to increase security even more you'll need to set up a Reverse Proxy (aka Web Server Protection feature). In both cases you will need to place your cert onto the firewall in addition to RDS server.
1
This topic has been locked by an administrator and is no longer open for commenting. To continue this discussion, please ask a new question. Install updated GoDaddy Certificate for RDC on 2012r2
Archived Forums
>
Remote Desktop Services (Terminal Services)
Answers
All replies
Generate a CSR Code for Remote Desktop ServicesWhen applying for an SSL Certificate, you must generate a CSR code and submit it to the CA. The CSR includes contact details about your website or company. Depending on the version of your Remote Desktop Gateway Server, you can create the CSR in the same release of IIS. Microsoft IIS server comes pre-installed with every version of Windows. For instance, if you use RDS 2016, you will generate your CSR in IIS 10 which is included in Windows Server 2016. We’ve already written comprehensive guides on how to generate a CSR code on various IIS versions. Use the links below to find the relevant guide:
After you create your CSR and complete the SSL validation, the CA will send all the necessary certificate files to your inbox. You can now proceed to SSL installation. How to install an SSL Certificate on Remote Desktop Services?This step by step guide will show you how to install an SSL Certificate on Remote Desktop Services (RDS). You will also learn a few interesting facts about RDS, and discover the best place to shop for any type of SSL Certificates. If you still haven’t generated your CSR (Certificate Signing Request) and passed the SSL authentication, refer to the CSR Generation tutorials in the first part of this guide. |