Easiest Way To Fix Untrusted SSL for RDS

Question

So, I don't have a Certificate Authority on my server and I just need a single cert to be trusted so it can be used on our VPN for RemoteApps via RDS.

Within our network, it shows NOT SECURE which is fine but the same cert will not work over VPN.

What is a quick and easy way to resolve this? It is my last hold up before rolling our RemoteApps.

Answer 1

Hello,

The quickest and easiest method is to obtain a certificate from a public Certificate Authority (CA) and associate it with RD Web Access (when user access RemoteApps through RDWeb).

When connecting via VPN from outside the network, client computers typically trust certificates issued by well-known authorities by default. If a certificate isn't recognized as valid, it may reject the connection to mitigate potential security risks.

Once the public certificate is installed, it's already trusted by most operating systems and web browsers, eliminating the need for manual installation on each client's trusted root store, as required in the case of self-signed certificates.

Reference article:

Using certificates in Remote Desktop Services | Microsoft Learn

How to Create a Self-Signed Certificate on Windows | Windows OS Hub (woshub.com)Note: Since the websites are not hosted by Microsoft, the links may change without notice. Microsoft does not guarantee the accuracy of this information. 

Regards,

Karlie

Answer 2

Thank you for this...I did check out a few public providers but still seems like it is kind of difficult to do...for instance, I went to Lets Encrypt and I just need a trusted certificate for our internal network and I didn't find direct instructions on how to make this. I just need this internal one "trusted"...