Server 2022 RDS gateway and certificate subject name do not match

Gino Lercara 0 Reputation points
2023-03-12T13:33:44.65+00:00

I have a brand new RDS deployment. I'm getting a gateway and "certificate subject name do not match" error when I try to launch a remote app from RDWEB on an outside browser session. The gateway, however, is working fine by itself from a regular Remote Desktop connection. The remote app works fine when invoked from an internal browser session.

The weird part about all of this is that the certificate that is presented when the error occurs has nothing to do with the certificate installed in the RDS deployment.

User's image

Here is the certificate that causes the error:

User's image

Notice the "Issued to" is for partheon.io. In my research, I found out that this vendor is responsible for IP v6 DNS records which I'm not using.

I'm at a loss as to what could be causing this, but I suspect it's DNS related on the outside connection.

Thanks in advance

Remote Desktop
Remote Desktop
A Microsoft app that connects remotely to computers and to virtual apps and desktops.
4,217 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Limitless Technology 43,916 Reputation points
    2023-03-14T08:59:13.7366667+00:00

    Hello there,

    Make sure the client access the server by using the subject specified in the server certificate. Normally the server certificates subject(CN) includes the Fully Qualified Name of the server, so the client should access the server using the same.

    When SSL handshake happens client will verify the server certificate. In the verification process client will try to match the Common Name (CN) of certificate with the domain name in the URL. if both are different host name verification will fail. In your case certificate has CN as local host and when you try to invoke using IP address, it fails. When you create the cert you can have single host name / multiple host name / wild card host name as CN value.

    Hope this resolves your Query !!

    --If the reply is helpful, please Upvote and Accept it as an answer--

    0 comments No comments