Pages

Monday, July 18, 2011

Using Wildcard Certificate and UCC certificates for RD Session Host server farms (2008 R2 SP1)

This is an update to a previous post I did regarding certificates for RDS. It used to be (in 2008, and 2008 R2) that you could not use wildcard or UCC for RD Session Host farm servers. This has changed.

Since installing 2008 R2 SP1, I have again tested securing RDSH farm servers using a wildcard certificate and a UCC certificate, and now I get no errors!

Example: I used a wildcard certificate (*.domain.com) for securing RD Gateway, securing the RDWA website, all RDSH farm servers, and for RemoteApp signing, and I now get no errors.

I have not been able to confirm exactly what change has been made by Microsoft but SOMEthing has definitely changed to make using wildcard and UCC certificates for RDSH farm servers work.

2 comments:

  1. Great news, thanks for sharing Kristin!

    ReplyDelete
  2. I'm not sure how your taking care of the "mismatch" of doing this?? When you use a wildcard cert and you remote through the gateway and into a session host, the host comes back at you with a different name and gives you a "mismatch" certificate error. You can of course still continue but not acceptable in some opinions. How do you have this configured?

    Thank you in advance!

    ReplyDelete